EU governments and lawmakers agreed provisionally on a law meant to streamline and harmonize General Data Protection Regulation (GDPR) cross-border enforcement processes among national data protection authorities (DPAs), said the Council and the European Parliament on Monday. They also agreed on an early resolution mechanism.
The controversial U.K. Data Use (and Access) Bill (DUA), which cleared Parliament Wednesday night and awaits Royal Assent before becoming law, continues to spark concerns about whether its divergences from the General Data Protection Regulation (GDPR) and other EU laws will adequately protect Europeans' personal data. Moreover, passage of the bill could prompt the European Commission to deny adequacy status to Britain's data-protection regime, privacy attorneys and civil society groups said.
Ireland's Department of Social Protection (DSP) breached the General Data Protection Regulation when it collected biometric data in connection with registrations needed on applications to obtain a public services card, the Data Protection Commission (DPC) announced Thursday.
SANTA CLARA, Calif. -- Advertisers and regulators are considering the potential of privacy-enhancing technologies (PETs) to balance business interests with protecting consumers’ privacy, panel members said Monday during the USENIX Privacy Engineering Practice and Respect (PEPR) conference. But whether PETs, which include differential privacy and homomorphic encryption, are up to the task is unclear, panelists said.
The actual cost to a company from a privacy enforcement action could be many times higher than the regulator's fine, Clarip CEO Andy Sambandam said in an interview. Privacy has become a quickly rising concern for companies amid a growing number of privacy laws and state enforcement actions, he told Privacy Daily.
Worldwide interest is growing in adopting the Global Cross-Border Privacy Rules (GCBPR) system for international data transfers, the Hogan Lovells law firm reported.
Comparing the number of data thefts before and after the General Data Protection Regulation was implemented shows that its data breach notification requirements resulted in a decrease of 2.5%-6.1% in identity thefts, French privacy watchdog CNIL said Thursday.
Spotify must pay more than $6 million for processing personal data in violation of the General Data Protection Regulation (GDPR), Sweden's Administrative Court of Appeal in Stockholm said Tuesday.
The emergence of AI and adtech is forcing a rethink of gathering and managing consent for use of personal data, speakers said Tuesday at a #RISK Digital UK/EU webinar.
A Belgian Market Court decision last month has implications for companies that collect consent from data subjects for tracking, cookies and other online advertising tools using Interactive Advertising Bureau (IAB) Europe's transparency and consent framework (TCF), Hogan Lovells privacy attorney Etienne Drouard said in an interview.