On February 7, 2020, the California Office of the Attorney General released Modified Regulations to the California Consumer Privacy Act (“CCPA”). The Modified Regulations update the Initial Proposed Regulations, which were previously published on October 11, 2019. The deadline to submit written comments is February 24, 2020 at 5:00 pm PST. We will follow up […]
Mobile Privacy
French CNIL Launches Public Consultation on Cookie Consent Recommendations
On January 14, 2020, the French data protection authority (CNIL) launched a public consultation on its draft recommendations for the collection of consent in the context of cookies and other tracking technologies (the ‘draft Recommendations’). Under EU ePrivacy rules, such technologies generally may not be placed on – or accessed from – users’ devices without […]
German DPAs Issue DPIA Blacklists; Many Companies Likely to be Affected
The GDPR entered into force on May 25, 2018. One of the GDPR’s core going-forward obligations is the duty to conduct Data Protection Impact Assessments (DPIAs) over processing activities that create a “high risk” to individuals’ privacy. DPIAs constitute an important aspect of GDPR compliance, as they arguably replace the notifications of processing systems and […]
In Order, FTC Recognizes Lower Notice Requirements for “Consumer-Expected” Data Collection
Last week, the Federal Trade Commission granted a petition by Sears Holding Management seeking modification of a 2009 Commission Order. The notable 2009 Order settled allegations that Sears had improperly failed to provide notice regarding data collection by certain software the company offered to consumers. Sears argued that the 2009 Order placed it at a […]
ePrivacy Regulation Trilogue Negotiations Pushed back to Fall 2018; Final ePrivacy Regulation may not be in Place until 2020
About this time last January, the European Parliament released its proposal for a new ePrivacy Regulation. The intent of the ePrivacy Regulation is to replace the current ePrivacy regime – which consists of an ePrivacy Directive and a patchwork of local implementing legislation – with a uniform set of directly-applicable EU-wide rules. Since the Parliament […]