Maryland recently passed House Bill 962, amending Maryland’s Personal Information Protection Act (PIPA) (Md. Code Ann. Comm. Law 14-3504). As summarized below, House Bill 962 amends certain aspects of PIPA relating to breach notification and maintaining reasonable security measures to protect personal information. The bill becomes effective October 1, 2022. Reasonable Security: Beginning October 1, […]
Data Protection
Belgian Supervisory Authority Sanctions News Media Company for Violating Cookie Rules
On May 25th, the Belgian Supervisory Authority (“GBA”) announced that it had imposed a fine of EUR 50,000 on a Belgium-based news media company for using cookies on its websites without complying with applicable cookie law requirements. The GBA decided to sanction the company mainly because although the company had obtained consent from website visitors […]
EDPB Issues Draft Guidelines on the Calculation of Administrative Fines
On May 16, 2022, the European Data Protection Board (‘EDPB’) published draft regulatory guidelines (‘draft guidance’) on the calculation of administrative fines for infringements of the EU General Data Protection Regulation (‘GDPR’). In the draft guidance, the EDPB sets out its methodology, consisting of five steps, for calculating administrative fines. The EDPB adopted these guidelines […]
U.S. Department of Commerce Announces the Establishment of a Global CBPR Forum
On April 21, 2022, Canada, Japan, the Republic of Korea, the Philippines, Singapore, Chinese Taipei, and the United States of America issued a Global Cross-Border Privacy Rules Declaration announcing the establishment of the Global Cross-Border Privacy Rules Forum (“Global CBPR Forum”). U.S. Secretary of Commerce Gina M. Raimondo, in her statement, described the establishment of […]
Colorado Issues Pre-Rulemaking Considerations for the Colorado Privacy Act
On April 12, 2022, the Colorado Department of Law (the “Department”) released its Pre-Rulemaking Considerations for the Colorado Privacy Act (the “CPA”), following state Attorney General Phil Weiser’s remarks at the International Association of Privacy Professionals’ (IAPP) Global Privacy Summit in Washington, D.C. The Department seeks informal input on several topics in addition to general […]