Blog

Utah passes bill regulating warrants (and exceptions) to search certain electronic information

On March 27, 2019, the Utah Governor signed H.B.57 into law. The Bill modifies provisions related to the privacy of electronic information or data and access to them by law enforcement. H.B.57 defines electronic information and data as being any “information or data including a sign, signal, writing, image, sound, or intelligence of any nature transmitted or stored in whole or in part by a wire, radio, electromagnetic, photoelectronic, or photo optical system.” The definition includes location information, Read more [...]

UK DPA fined “parenting club” company for violation of the principle of “fairness” in processing

On April 9, 2019, the UK Data Protection Authority, the Information Commissioner's Office (ICO), served a monetary penalty notice under section 55A of the Data Protection Act 1998 (DPA) of around $520,000. The fined company (Bounty) shared the personal data of over 14 million individuals with a number of organizations, including credit reference and marketing agencies, without informing those individuals that it might do so. According to the ICO, the company processed the personal data Read more [...]

Illinois bill aims to eliminate the private right of action under BIPA (Biometric Information Privacy Act)

On February 25, 2019, an Illinois Senator introduced SB2134 to amend the Biometric Information Privacy Act (740 ILCS 14/1 et seq., BIPA), which creates a private right of action. The bill is currently in Committee. The majority of BIPA claims have been brought against businesses as class actions seeking statutory damages. Synopsis: Amends the Biometric Information Privacy Act. Deletes language creating a private right of action. Provides instead that any violation that results from Read more [...]

Polish DPA imposes first GDPR fine for breach of duty to inform data subjects

On March 26, 2019, Urząd Ochrony Danych Osobowych (UODO), the Polish Data Protection Agency (DPA), imposed a fine of around $250,000 on a company for failure to fulfill its information obligation as a controller. The UODO explained that the controller did not meet the information obligation (Art. 14 (1) – (3), GDPR) in relation to over 6 million people. The company fulfilled the information obligation by providing the required information to the individuals whose e-mail addresses it had Read more [...]

EDPB on data transfer from EEA to UK

On February 12, 2019, the European Data Protection Board (EDPB) warned that in the absence of an agreement between the EEA and the UK (no-deal Brexit), the UK will become a third country from 00.00 am CET on 30 March 2019. The EDPB provides 5 steps organizations that transfer data to the UK should take to prepare for a no-deal Brexit: (1) Identify what processing activities will imply a personal data transfer to the UK; (2) Determine the appropriate data transfer instrument for your situation (see Read more [...]