In a recent Law360 article, Sheila Millar discusses a proposal from the British Information Commissioners Office (ICO) that significantly restricts how information society services deemed likely to be accessed by children must handle the data they collect, use, and share. In “UK’s Proposed Age-Appropriate Data Code Would Be Onerous” (July 3), she delves into how
The European Data Protection Board (EDPB) has weighed in on the interplay between the General Data Protection Regulation (GDPR) and the ePrivacy Directive in response to questions from the Belgian Data Protection Authority (DPA). Addressing how and when each set of rules applies to processing data, the EDPB stated that “these questions concern a matter
The recent passage of the California Consumer Privacy Act (CCPR) earlier this summer and the entry into force of the General Data Protection Regulation (GDPR) last May has put consumer privacy squarely on the national agenda. Now there are signs that government is responding. While a number of privacy bills have been introduced in Congress
In the latest round of the ongoing battle between Austrian privacy activist Max Schrems and Facebook, the European Court of Justice (CJEU) ruled that Schrems did not have standing to bring claims on behalf of Austrian consumers over Facebook’s alleged violations of users’ privacy rights. The court did, however, allow for Schrems to continue with
Nearly one year after it was first warned its privacy practices were inadequate under European law, popular messaging platform WhatsApp has been cited with privacy deficiencies for a second time. The Article 29 Data Protection Working Party (WP29), which is made up of data regulators from EU Member States and the Commission, sent a letter
The new European Union General Data Protection Regulation (GDPR) (Regulation 2016/679, Apr. 27, 2016) will replace the Data Protection Directive (Directive 95/46/EC) effective May 25, 2018. The GDPR has been a long time coming, and introduces a host of new requirements for companies that use or process data in the EU, or simply use or
The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This
