As has been widely reported, in late January the French privacy supervisor CNIL fined Google €50 million for privacy violations relating to targeted marketing using Android user data. One of the core violations the CNIL found was that Google’s Android user interface did not obtain effective, GDPR-compliant consent to targeted marketing from users. The amount […]
Data Protection
EU and Japan Publish a Joint Release on Their Mutual Adequacy Decisions
On January 23, 2019, the Personal Information Protection Commission of Japan (the “PPC”) and the European Commission (the “Commission”) jointly announced the adoption of the decisions recognizing each other’s personal data protection systems as equivalent. The Commission launched the process leading to the adoption of the adequacy decision in September 2018 and successfully completed the […]
Alston & Bird Hosts John Frank of Microsoft to Kick Off IAPP Europe Data Protection Congress 2018
Alston & Bird’s annual event to kick off the IAPP Europe Data Protection Congress 2018 featured a fireside chat with John Frank, Vice-President, EU Government Affairs at Microsoft. Moderated by Peter Swire, Senior Counsel at Alston & Bird, the discussion provided practical insights into areas that are expected to shape privacy and data protection around […]
FTC Publishes Report Regarding Privacy Workshop
In October 2018, the Federal Trade Commission (“FTC”) published a report that summarized discussions at a December 2017 workshop discussing the potential impact to consumers of privacy and security incidents. The purpose of the workshop was to explore whether government intervention in this arena is warranted under the enforcement authority granted to the FTC under […]
Are You Ready for Canada’s New Privacy Breach Rules?
Mandatory privacy breach notification, reporting and record-keeping obligations under Canada’s federal data protection law called the Personal Information Protection and Electronic Documents Act (PIPEDA) will come into force as of November 1, 2018. Earlier this year, the Canadian government published new privacy-related obligations under PIPEDA. PIPEDA applies to private-sector organizations and sets the ground rules […]