COVID-19 has created a range of new privacy challenges for businesses. One challenge is the obligation for venues to collect COVID-19 contact tracing information.
A number of smart city initiatives could generate privacy concerns, when they involve collecting personal information.
Morrison & Foerster LLP
Now that the Brazilian law on the use of personal information (Lei Geral de Proteção de Dados or LGPD) has entered into force on 18 September 2020
McCarthy Tétrault LLP
The filing of concurrent multi-jurisdictional class actions applications based on the same facts has long been a thorn in the side of judicial federalism.
Bennett Jones LLP
In its Annual Report to Parliament on the Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA), ...
The UK Information Commissioner's Office ("ICO") announced on 16 October 2020 that it has ultimately decided to fine British Airways ("BA") £20 million for BA's contraventions of the...
After all, the concept of privacy by default and design, which permeates the precepts of the GDPR, intends for there to be a climate of data privacy in organisations.
Data transfers are a staple to the global ecosystem of the digital services economy, despite this, the future of cross-border data transfers between Member States within the European Union ("EU")...
On the 7th of November 2019, the European Data Protection Supervisor ("EDPS") issued guidelines ("Guidelines") on the concepts of controller, processor and joint controllership under Regulation...
Akin Gump Strauss Hauer & Feld LLP
United Kingdom, French and Belgian national security laws (and such laws of other EU Member States) fell under the scrutiny of ...
On the 4th of May 2020, the European Data Protection Board (EDPB) issued fresh guidelines on ‘consent' titled Guidelines 05/2020 on consent under Regulation 2016/679 (Guidelines).
Global Advertising Lawyers Alliance (GALA)
On October 1, 2020, the French Data Protection Agency published a "Recommendation" document and Guidelines (both issued on September 17, 2020) pertaining to the use of tracking technologies (e.g., cookies).
Data, for the purposes of regulation, can be classified into personal data and non-personal data. Currently, in India data protection and privacy is governed by Section 43A and Section 72A...
Guidance was accompanied by a report
UK Organisations which do business in Ireland and process personal data often assume that compliance with the GDPR is sufficient in order to process the personal data of Irish...
From the earliest stages of project development, businesses engaged in the processing of individuals' personal data are required to implement ‘privacy by design' and ‘privacy be default'
As the COVID-19 pandemic continues, retailers have been required to adapt quickly to ensure that their online market place is established...
The names, contact details, email addresses, medical records and health data of individuals and patients who attend a GPs practice are protected by strict European and Irish data protection laws...
In this briefing, we consider some of the issues that arise in dealing with requests by law enforcement authorities to produce records that contain personal data.
The Court of Justice of the European Union (hereinafter ‘CJEU') has recently delivered two judgements which albeit addressing separate points of law, in practical terms are seemingly conflicting.