EDPB says that cookie walls require a tracking-free alternative (not necessarily free of charge) – and the German Federal Supreme Court rules against opt-out consent for tracking cookies under German law
Introduction
In 2019, various EU member states issued guidance as to whether opt-in consent is necessary for non-essential cookies, with some guidance suggesting opt-in
2020 heralds a proliferation of data privacy laws as countries and states follow on from GDPR and CCPA and rush to put privacy on the statute books.
It’s hard to keep track. Now with the added uncertainty of a global pandemic, this has privacy teams shifting focus. In this webinar we’ll
review the global data
Regulators’ enforcement priorities evolve alongside technological changes and in response to consumer-impacting activities that are emphasized in news headlines. This trend can be seen in the SEC’s relatively recent focus on monitoring and bringing formal actions against opportunistic stock trading by corporate insiders who have knowledge of enterprise security incidents and data breaches.
As the SEC described in its 2018 guidance intended to assist public companies in preparing disclosures about cybersecurity risks and incidents: “Companies and their directors, officers, and other corporate insiders should be mindful of complying with the laws related to insider trading in connection with information about cybersecurity risks and incidents, including vulnerabilities and breaches.”
What follows is an overview of an article published in Cybersecurity Law Report (subscription paywall) last week by Greenberg Traurig’s Darren Abernethy regarding the interplay between corporate insider trading and cybersecurity incidents, including some possible planning steps for businesses to consider with legal counsel.
Continue Reading Insider Trading in the Data Breach Context: Proactive Corporate Planning and Regulatory Enforcement
In August 2018, Brazil took a significant step by passing comprehensive data protection legislation: the General Data Protection Law (Lei Geral de Proteção de Dados Pessoais – Law No. 13,709/2018, as amended) (LGPD). The substantive part of the legislation takes effect August 16, 2020, leaving fewer than six short months for companies to prepare.
With the backdrop of an apricot-coral sunset from high above San Francisco Bay, Greenberg Traurig was pleased to welcome leaders from the United Kingdom’s Information Commissioner’s Office (ICO), as part of an IAPP S.F. Bay Area Knowledgenet held at the law firm on February 11.
The U.K.’s Information Commissioner, Elizabeth Denham, and ICO Executive Director,
On January 8, 2020, the “Virginia Privacy Act” (HB 473), was introduced for consideration to the General Assembly of Virginia. The proposed legislation includes notice requirements similar to the California Consumer Privacy Act’s (CCPA), provides consumers with rights similar to those under the EU’s General Data Protection Regulation (GDPR), and unlike either
At the end of October 2019, the Berlin Commissioner for Data Protection and Freedom of Information imposed a fine of about EUR 14.5 million against a German residential real estate company for various violations of the EU General Data Protection Regulation (GDPR). The fine is not yet legally binding but, reportedly, has been appealed. However,
On Nov. 22, 2019, the representatives of the EU member states rejected the Finnish Presidency’s proposed text for the ePrivacy Regulation, making the future of ePrivacy Regulation uncertain. The ePrivacy Regulation, which if adopted would be binding across all EU member states, will govern direct electronic marketing messages, cookies, and similar tracking technologies. The ePrivacy
On Nov. 5, California Congresswomen Anna G. Eshoo and Zoe Lofgren introduced the Online Privacy Act of 2019, H.R. 4978, to balance the actual needs of businesses with users’ fair privacy rights and expectations. The proposed privacy bill seeks for the United States to adopt many of the requirements of the California Consumer Privacy Act (CCPA), which is effective Jan. 1, 2020, and that exist under the EU’s General Data Protection Regulation (GDPR). Below is a brief summary of the main components of the Act. A copy of the Online Privacy Act can be found here, and a section-by-section analysis by the Congresswomen can be viewed here.
Continue Reading California Congresswomen Propose New Federal Privacy Legislation – Online Privacy Act of 2019
On Sept. 24, 2019, the Court of Justice of the European Union (CJEU) decided that the “right to be forgotten” does not require a search engine operator to carry out de-referencing on non-EU member state versions of its search engine.
Background
The case relates to a penalty of €100,000 that the French data protection authority,