On March 27, 2019, the Utah Governor signed H.B.57 into law. The Bill modifies provisions related to privacy of electronic information or data and their access by law enforcement.
H.B 57 defines electronic information and data as being any “information or data including a sign, signal, writing, image, sound, or intelligence of any nature transmitted or stored in whole or in part by a wire, radio, electromagnetic, photoelectronic, or photo optical system.” The definition includes location information, Read more [...]
On April 9, 2019, the UK Data Protection Authority, the Information Commissioner Officer (ICO), served a monetary penalty notice under section 55A of the Data Protection Act 1998 (DPA) of around $ 520,000. The fined company (Bounty) shared the personal data of over 14 million individuals to a number of organizations including credit reference and marketing agencies without informing those individuals that it might do so. According to the ICO, the company processed the personal data Read more [...]
On February 25, 2019, an Illinois Senator introduced SB2134 to amend the Biometric Information Privacy Act (740 ILCS 14/1 et seq., BIPA) creating a private right of action. The bill is currently in Committee.
The majority of BIPA claims have been brought against businesses as class actions seeking statutory damages.
Synopsis
Amends the Biometric Information Privacy Act. Deletes language creating a private right of action. Provides instead that any violation that results from Read more [...]
On March 26, 2019, Urzędu Ochrony Danych Osobowych (UODO), the Polish Data Protection Agency (DPA) imposed a fine of around $250,000 on a company for failure to fulfill its information obligation as a controller.
The UODO explained that the controller did not meet the information obligation (Art. 14 (1) – (3), GDPR) in relation to over 6 million people. The company fulfilled the information obligation by providing the required information to the individuals whose e-mail addresses it had Read more [...]
On February 12, 2019 the European Data Protection Board (EDPB) warned that in the absence of an agreement between the EEA and the UK (no-deal Brexit), the UK will become a third country from 00.00 am CET on 30 March 2019.
The EDPB provides 5 steps organizations that transfer data to the UK should take to prepare for a no-deal Brexit:
Identify what processing activities will imply a personal data transfer to the UK
Determine the appropriate data transfer instrument for your situation (see Read more [...]
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRead More