Brave filed a complaint to the European Commission against 27 Member States for failing to adequately implement the GDPR by under resourcing their DPAs. Two years after the GDPR was first applied, the GDPR is now in danger of failing. Today, Brave reveals why: the governments of EU Member States have not given data protection authorities …
Continue reading “New data on GDPR enforcement agencies reveal why the GDPR is failing”
Since the European General Data Protection Regulation (GDPR) mandate, marketers worldwide have reluctantly appended privacy consent mechanisms to their site user flow. The dark patterns they use show they have no viable alternative but to collect cookie data. Consumers respond by providing fake data, using ad blockers and other techniques. Escaping this vicious cycle requires …
A 2-part blog series for anyone interested in the protections that exist for customers who chose to access their financial data through third-party providers. We hope readers will come away with a clearer view of the different roles of businesses involved in open banking. Part I is about the ‘data retrievers’ — account information services …
“The Italian Court goes beyond the assumption that personal data as the expression of personality rights, subject to specific and not renounceable forms of protection cannot be treated at the same time as an economic asset when they are collected and processed by an organization to extract economic value. In such a context, if the …
Continue reading “The economic exploitation of personal data in privacy and consumer laws”
A first draft of the artificial intelligence policy, which is being coordinated by Ms. Vestager, will be released on Wednesday, along with broader recommendations outlining the bloc’s digital strategy for the coming years. Silicon Valley executives are taking action as Europe has increasingly set the standard on tech policy and regulation. In recent years, the …
Continue reading “Silicon Valley Heads to Europe, Nervous About New Rules”
This is a statutory code of practice prepared under section 122 of theData Protection Act 2018. It provides practical guidance for thoseconducting direct marketing or operating within the broader directmarketing ecosystem. It explains the law and provides good practicerecommendations. Following the code along with other ICO guidancewill help you to comply with the GDPR and …
Continue reading “Direct marketing code of practice (UK Information Commissioner’s Office)”
As part of Boris Johnson’s Withdrawal Agreement Bill, the data privacy protections afforded by GDPR will remain intact for UK residents. Essentially, the current GDPR rules will still apply in the UK after Brexit and will be absorbed into and work hand in hand with the UK’s existing Data Protection Act of 2018. Q: Does …
Continue reading “GDPR and Brexit – What Does Leaving The EU Mean For UK Privacy Protections”
Constantine Karbaliotis, a Canadian Privacy Lawyer has created the mother of all data access requests that a company may receive under GDPR or CCPA. These are the edge cases… but they are the requests that en masse could bring your IT department to its knees if unprepared. The Nightmare Letter: A Subject Access Request under …
Continue reading “Data Subject Access Requests (DSARs) under GDPR & CCPA”
Top three considerations for anyone starting out: GDPR must be your guideBuild in data protection from the very beginning, and put individual rights under the GDPR front and centre. Design with the user in mind Your customer expects you to come up with a system that is straightforward, secure, and effective in achieving their goals. …