Privacy & Cyber Regulatory Enforcement

Belgian Court Uses Novel Argument to Assume International Jurisdiction over Non-EU Facebook Entities

March 21, 2018 By Daniel Felz and Privacy, Cyber & Data Strategy Team

On February 16, 2018, the Brussels Court of First Instance rendered a judgment in proceedings brought by the Belgian Privacy Commission’s against Facebook. The case forms one part of two-tiered litigation brought by the Commission in regards to alleged monitoring practices vis-à-vis Belgian internet users. In parallel to the proceedings that resulted in the judgment […]

Singapore Joins the APEC CBPR and PRP

March 7, 2018 By Maki DePalo

On March 6, Singapore announced that it has become the sixth country to participate in the Cross-Border Privacy Rules System (CBPR) as of February 20, 2018, joining the United States, Mexico, Canada, Japan and the Republic of Korea, and the second country to participate in the Privacy Recognition for Processors System (PRP) alongside the United […]

In Order, FTC Recognizes Lower Notice Requirements for “Consumer-Expected” Data Collection

March 5, 2018 By Privacy, Cyber & Data Strategy Team

Last week, the Federal Trade Commission granted a petition by Sears Holding Management seeking modification of a 2009 Commission Order. The notable 2009 Order settled allegations that Sears had improperly failed to provide notice regarding data collection by certain software the company offered to consumers. Sears argued that the 2009 Order placed it at a […]

German DPAs Publish Model GDPR Processing Records – Translations Provided

February 26, 2018 By Daniel Felz

In just under 100 days, the EU General Data Protection Regulation (GDPR) enters into force. One of the major changes the GDPR introduces is a duty for in-scope controllers and processors to maintain written records of their processing activities. Under Article 30 GDPR, companies will need to inventory all “processing activities under [their] responsibility” and […]

100 Days Until GDPR Effective Date – Sharing Our GDPR Experience

February 14, 2018 By Daniel Felz and Privacy, Cyber & Data Strategy Team

In less than 100 days, the General Data Protection Regulation (GDPR) will go into effect. This means that as of May 25, 2018, each national Supervisory Authority will have the authority to apply and enforce the GDPR. The GDPR raises the bar in terms of requirements substantially higher than the Data Protection Framework Directive. For […]