EDPS Publishes Opinion on Digital Services Act and Digital Markets Act

On February 10, 2021, the European Data Protection Supervisor published two opinions on the European Commission’s proposals for a Digital Services Act and a Digital Markets Act. The two proposals are part of a set of measures announced in the 2020 European Strategy for Data and have two main goals: (1) creating a safer digital space in which the fundamental rights of all users of digital services are protected, and (2) establishing a level playing field to foster innovation, growth and competitiveness in the European Single Market and globally. Continue Reading

CNIL Calls Organizations to Audit their Sites and Apps for Cookie Compliance

On February 4, 2021, the French Data Protection Authority announced that it sent letters and emails to approximately 300 organizations, both private and public, to remind them of the new cookie law rules and the need to audit their sites and apps to comply with those rules by March 31, 2021. Continue Reading

India Releases Revised Non-Personal Data Framework

On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology issued a revised report on the Non-Personal Data Governance Framework for India. This post details the key takeaways from the revised committee report. Continue Reading

Advocate General Issues Opinion on GDPR’s One-Stop-Shop

On January 13, 2021, Advocate General Michal Bobek of the Court of Justice of the European Union issued his Opinion in the Case C-645/19 of Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority. Continue Reading

New Mexico AG Files Notice of Appeal in Suit Against Google Regarding Alleged Violations of COPPA

On November 27, 2020, New Mexico Attorney General Hector Balderas filed a notice of appeal to the U.S. Court of Appeals for the Tenth Circuit in the lawsuit it brought against Google on February 20, 2020, regarding alleged violations of the federal Children’s Online Privacy Protection Act in connection with G-Suite for Education. Continue Reading

China Issues Draft of Personal Information Protection Law

On October 21, 2020, China issued its draft of Personal Information Protection Law for public comments. This blog entry provides highlights on the draft law. Continue Reading

Webinar on the Latest Developments on Cookie Guidance Featuring the UK ICO and CNIL

Join us on November 5, 2020, for a webinar with representatives from the UK Information Commissioner’s Office and the French Data Protection Authority to explore the latest developments on cookie guidance and compare their respective approaches. This blog entry provides a link to register. Continue Reading

CNIL Publishes Updated Cookie Guidelines and Final Version of Recommendations on How to Get Users’ Consent

On October 1, 2020, the French Data Protection Authority published a revised version of its guidelines on cookies and similar technologies, its final recommendations on the practical modalities for obtaining users’ consent to store or read non-essential cookies and similar technologies on their devices and a set of questions and answers on the Recommendations. Continue Reading

Apple’s iOS 14 Requires New Opt-in Consent for Advertising Identifiers

Apple’s iOS 14, which was announced by Apple in June 2020 and is scheduled for official release later this year, will require that all apps receive user consent in order to access an iPhone’s unique advertising identifier or use the IDFA to automatically track users. Continue Reading