PH Privacy

How Are Governments Reacting to the Invalidation of Privacy Shield?
Since the decision by the Court of Justice of the European Union (“CJEU”) to invalidate Privacy Shield and opine on the use of Standard Contractual Clauses ("SCCs"), we have been compiling and maintaining a list of the responses and reactions published by both data protection authorities across the EU and other regulators globally.
The Battle Continues: 101 Complaints are Filed Against Companies Transferring Data to the United States
The dust hasn’t even settled since the Court of Justice of the European Union (“CJEU”) declared Privacy Shield invalid and called into question the use of the Standard Contractual Clauses (“SCCs”), but already Max Schrems and noyb have filed 101 complaints across EU member states regarding personal data transfers in contravention of the law and the recent CJEU decision.
CCPA Final Regulations: California Attorney General Announces Approved CCPA Regulations for Immediate Effect
On Aug. 14, California’s attorney general announced the Office of Administrative Law (OAL) approved the state Department of Justice’s regulations (Final Regulations) implementing the California Consumer Privacy Act (“CCPA”) and filed them with the Secretary of State. As previously requested by the Attorney General, the Final Regulations take effect immediately.
US-EU Joint Statement: Privacy Shield
On August 10, 2020, U.S. Secretary of Commerce Wilbur Ross and European Commissioner for Justice Didier Reynders released a joint press statement (“Statement”) addressing the recent Schrems II ruling from the Court of Justice of the European Union (the “CJEU”).
Practical Next Steps Following Invalidation of Privacy Shield
Following the decision last week by the Court of Justice of the European Union (CJEU) to invalidate the EU-U.S. Privacy Shield (further details on the decision can be read here), the question asked by many businesses has been: we transfer personal data to the U.S., what should we do now?
How Are Governments Reacting to the Invalidation of Privacy Shield?
Following the decision by the Court of Justice of the European Union (the "CJEU") on 16 July 2020 invalidating Privacy Shield and imposing potential constraints on the use of Standard Contractual Clauses ("SCCs") (more information on the decision itself can be read here), we are starting to see data protection authorities and other bodies across the EU, and globally, publicly discussing and commenting on the decision.
Proposed “California Privacy Rights Act” Explained (with Redline)
The California Privacy Rights Act (the “CPRA”) has enough signatures to qualify for inclusion in California’s November 2020 ballot. Though we still await the California AG’s final regulations on the CCPA, the CPRA would build upon the CCPA to impose additional requirements.
COVID-19 UK: The UK ICO Publishes Anticipated Guidance on Workplace Testing
While COVID-19 continues to affect businesses and individuals globally, the conversation with respect to workplaces is starting to change. The rules of lockdown in most countries required (and continue to require) that, where possible, employees work from home: this saw a huge shift and adjustment in how organisations function and operate on a day-to-day basis. However with many countries now starting to look towards softening the lockdown rules, this has led to many employers questioning what steps they may and should take when their employees return to the workplace to ensure the spread of COVID-19 is limited. One such method of lowering the spread in the workplace which has received a lot of attention is workplace testing, particularly temperature testing. For some organisations, requiring employees to undergo anti-body testing may also be a consideration. Testing of any nature would almost certainly always require the employer to process the personal data of the employee with most instances also involving special category data i.e. health data, and therefore would be subject to the laws of data protection in the United Kingdom and European Union.
Seventh Circuit Lowers the Federal Standing Threshold for Illinois Biometric Privacy Act Claimants
This week, the Seventh Circuit Court of Appeals issued a decision that opens the door to more frequent federal court determination of statutory claims under the Illinois Biometric Information Privacy Act, 740 ILCS 14/1–99 (“BIPA”)
COVID-19 – New Federal Data Protection Bill Introduced
The new bill will contain protections for the personal information that is particularly at issue given the COVID-19 pandemic, including health, geolocation, and proximity data with the ultimate goal of providing U.S. citizens with more transparency, choice, and control over the collection and use of their personal information holding businesses directly accountable to their consumers.
1 2 3 4 5 6 7 8 >