On July 29, 2019, the Court of Justice of the European Union (ECJ) published its judgement in case C-40/17, holding – like Advocate General Bobek (see here) suggested – that an organization who embeds a Facebook “Like” button on its website may be considered a data controller.
In this case, a German fashion online retailer embedded a Facebook’s ‘Like’ button in its website. As a result, when users landed on the retailer’s website, information about those users’ Read more [...]
On July 4, 2019, the Commission Nationale de l’informatique et des Libertés (CNIL), the French Data Protection Authority (DPA) adopted new guidelines on cookies and other tracking devices (“Guidelines”). According to the press release, the scrolling down or swiping through a website or application is no longer viewed as a valid expression of consent to the implementation of cookies; tracking services will have to prove that they have obtained consent.
The CNIL adopted the Read more [...]
On May 30, 2019, Oregon Governor signed HB 2395 containing security measures required for devices that connect to the Internet and that are assigned an Internet Protocol address or another number that identifies the connected device.
The manufacturer shall equip the connected device with “reasonable security features”, which may consist of means for authentication from outside a local area network and compliance with federal law requirements that apply to security measures for Read more [...]
On July 9, 2019, the European Court of Justice (CJEU) heard oral arguments on a landmark case concerning Facebook's transfer of personal data from the EU to the US on the basis of the currently utilized “standard contractual clauses” (SCCs) mechanism. The CJEU's decision -- will have tangible consequences for businesses performing data transfers from the EU to the US -- is expected in December 2019.
Background
By way of background. In 2013 Mr. Schrems demanded the suspension of data flow Read more [...]
On June 6, 2019 Maine’s governor signed into law LD 946, “An Act To Protect the Privacy of Online Customer Information.”
The Act applies to broadband internet service providers (ISPs) defined as any “mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all Internet endpoints.”
ISPs are prohibited from using, disclosing, or selling their customers personal information, which includes the Read more [...]
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRead More