Tag:privacy

1
FTC Issues First Order Prohibiting Sale of Sensitive Location Data
2
CJEU Decides on Use of Automatically Generated Scoring Values
3
CJEU Holds German Provisions for Imposing Fines on Companies for GDPR Violations Invalid
4
UK’s top Websites Receive Cookie Warnings from the Information Commissioner
5
Australia’s Privacy Framework set to be Revamped Following the Government’s Response to the Privacy Act Review Report
6
California Proposes Cybersecurity Requirements for Businesses
7
Japanese Privacy Regulator Cautioned Businesses regarding Issues Relating to Generative AI Services
8
Australian Government contemplates Asimov’s Omnibus
9
Privacy Awareness Week Part V – Return of the Privacy Policy
10
Privacy Awareness Week Part IV – Privacy Priorities

FTC Issues First Order Prohibiting Sale of Sensitive Location Data

Jan 19 2024
Browse archives for January 19, 2024
Posted in

Privacy, Privacy, Data Protection & Information Management

Tagged with , ,
Share

By Eric F. Vicente Flores and Whitney E. McCollum

On 9 January, 2024, the Federal Trade Commission (FTC) issued its first settlement prohibiting a data broker from sharing or selling sensitive location data, and required deletion of all location data collected deceptively. The FTC alleged that X-Mode Social (“X-Mode”), and Outlogic, LLC (“Outlogic”), X-Mode’s successor firm, failed to implement reasonable and appropriate safeguards on the use of such information by third parties. X-Mode/Outlogic collected personal information, including location data via its mobile applications, which it would then sell to third parties. 

Read More

CJEU Decides on Use of Automatically Generated Scoring Values

Dec 18 2023
Browse archives for December 18, 2023
Posted in

Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Dr. Thomas Nietsch

In its judgment dated 7 December 2023 (C-634/21 – Schufa) presented by the Administrative Court Wiesbaden (Germany), the court held that Article 22 of the GDPR (Art. 22 GDPR) applies also to probability values that are created by credit scoring agencies on the basis of personal data and used by third parties in order to decide whether the respective individual is eligible for a credit or establishing a contract.

Read More

CJEU Holds German Provisions for Imposing Fines on Companies for GDPR Violations Invalid

Dec 15 2023
Browse archives for December 15, 2023
Posted in

Privacy, Data Protection & Information Management

Tagged with , , , , ,
Share

By Dr. Thomas Nietsch

In a judgment dated 5 December 2023 (Case C-807/21 – Deutsche Wohnen) presented by the Higher Regional Court Berlin (Kammergericht), the Court of Justice for the European Union (CJEU) held that a German law permitting administrative fines against corporate entities where an identified legal representative of that entity was proven to have committed a criminal or administrative offence, which at the same time led to the corporate entity breaching its obligations, is not in line with GDPR.

Read More

UK’s top Websites Receive Cookie Warnings from the Information Commissioner

Dec 07 2023
Browse archives for December 07, 2023
Posted in

Government Regulation, Legislation & Enforcement, Litigation of Data Breaches, Privacy, Data Protection & Information Management

Tagged with , , , , , , ,
Share

By Claude-Étienne Armingaud and Sophie Verstraeten

The UK’s Information Commissioner (the “ICO”) has recently sent warnings to the UK’s most visited websites to inform them that they may face enforcement action if they do not make changes to their cookie banner to ensure compliance with UK data protection law. For example, some websites warned by the ICO do not provide their user with a fair choice on tracking for personalised advertising. This position aligns with the EU’s stance, noting France (see prior Alert here).

Read More

Australia’s Privacy Framework set to be Revamped Following the Government’s Response to the Privacy Act Review Report

Oct 13 2023
Browse archives for October 13, 2023
Posted in

Privacy, Privacy, Data Protection & Information Management

Tagged with , , , , , , ,
Share

By: Cameron Abbott, Rob Pulham, Stephanie Mayhew,and Maddy Bassal

Last week the federal Government released its response (the Response) to the recommendations proposed by the AGD’s Privacy Act Review Report released in February 2023 (the Report).

Read More

California Proposes Cybersecurity Requirements for Businesses

Oct 11 2023
Browse archives for October 11, 2023
Posted in

Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By: Eric Vicente Flores, Avril Love, and Whitney McCollum

In recognition of Cybersecurity Awareness Month in the US, we will be bringing awareness to relevant 2023 cybersecurity updates each week.

On 28 August, the California Privacy Protection Agency (CPPA) published draft regulations regarding risk assessments and cybersecurity audits for consideration at the Board’s September meeting. The draft regulations precede the formal rulemaking process, but provide insight into CPPA’s current priorities.

Read More

Japanese Privacy Regulator Cautioned Businesses regarding Issues Relating to Generative AI Services

Jul 06 2023
Browse archives for July 06, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, New Developments

Tagged with , , , , ,
Share

By Yuki Sako and Aiko Yamada

Following the call for international standards on Artificial Intelligence (AI) at the recent G7 summit, on 2 June 2023, in a rare move, Japan’s Personal Information Protection Commission (PPC) issued two warnings in a publicly released letter (the “Letter”):

  • Firstly to the three categories of users of generative AI services, i.e.,
    • business operators who collect personal information and thus are subject to the Act on the Protection of Personal Information of Japan (APPI);
    • government agencies, which may adopt generative AI services into their operations; and
    • the general public; and
  • Secondly to the “ChatGPT” developers/publishers. 
Read More

Australian Government contemplates Asimov’s Omnibus

Jun 22 2023
Browse archives for June 22, 2023
Posted in

Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, New Developments, Privacy, Data Protection & Information Management

Tagged with , , , , ,
Share

By Cameron Abbott, Daniel Knight, Rob Pulham, Stephanie Mayhew, and Dadar Ahmadi-Pirshahid

Amid the rapid acceleration of tools like ChatGPT and global calls for tailored regulation of artificial intelligence tools, the Australia Federal Government has released a discussion paper on the safe and responsible use of AI. The Government is consulting on what safeguards are needed to ensure Australia has an appropriate regulatory and governance framework to manage the potential risks, while continuing to encourage uptake of innovative technologies.

Read More

Privacy Awareness Week Part V – Return of the Privacy Policy

May 05 2023
Browse archives for May 05, 2023
Posted in

Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Dadar Ahmadi-Pirshahid

You’ve reached the end of a long week, riddled with proselytising about the importance of being privacy aware and privacy prepared. You get it! You lay your head to a well-earned rest…and like Kate McCallister wake screaming “Privacy Policy”! In true “back-to-basics” fashion, the privacy policy is getting a reboot!

Read More

Privacy Awareness Week Part IV – Privacy Priorities

May 04 2023
Browse archives for May 04, 2023
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Privacy, Data Protection & Information Management

Tagged with , , , ,
Share

By Cameron Abbott, Rob Pulham and Stephanie Mayhew

Given the current privacy reform and cyber threat environment, the question we get asked a lot is – what are the privacy risks that should be assessed in our organisation and how do we prioritise these? Unfortunately this isn’t always a ‘one size fits all’ answer but there are some basic matters you can check as to whether your organisation is considering privacy risks proactively.

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.