Category: Data Protection

Data Protection

”Pay or ok” — Does this new paid subscription model invalidate consent?

There has been much debate about the validity of consent under the GDPR as it relates to the “Pay or ok” paid subscription model on social media and other platforms and websites.   Since November 7, European users of Facebook and Instagram have had the option to pay a subscription in exchange for an ad-free

Iowa Consumer Data Privacy Act: What organizations should be aware of

The Iowa Consumer Data Privacy Act (ICDPA), scheduled to come into force from January 2025, introduces specific requirements for organizations which process the data of Iowa residents.    Iowa has its own data privacy laws that organizations need to be aware of. The Iowa Consumer Data Privacy Act (ICDPA) was enacted in 2020 and it

The Indiana Consumer Data Protection Act: continuing the trend of state level Privacy law in the US

Many US states, including Indiana, have implemented comprehensive privacy laws to protect residents’ information, following trends set by the EU GDPR and fellow US States.   With the rise of data breaches and the increasing use of technology in everyday life, many US states have taken it upon themselves to enact comprehensive privacy laws safeguarding

The Delaware Personal Data Privacy Act: A Comprehensive Overview

With the introduction of the Delaware Personal Data Privacy Act, Delaware has joined the ranks of US states with their own consumer privacy laws.   Governments worldwide are enacting legislation to safeguard individuals’ sensitive information and hold businesses accountable for its protection. The Delaware Personal Data Privacy Act (DPPA) is one such regulation that aims

European Data Act enters into force

The European Data Act has entered into force, implementing new rules for a fair and innovative data economy.   The European Data Act recently coming into effect marks a pivotal moment in strengthening data protection measures within the European Union. This legislation aims to establish a framework that ensures a fair and innovative data economy,

The ICO issues guidance on personal data transfers to the US under UK GDPR

The ICO issues guidance aiming to support organisations conducting personal data transfers to the US using an Article 46 UK GDPR mechanism to those organisations that are not self-certified under the UK Extension to the EU-US DPF.    Transferring personal information across borders has become a crucial aspect of our interconnected world. In the digital

A year of Data Protection Law: 2023 review

Over the course of this year, there have been several significant advancements in the world of data protection across the EU and the UK. In this article, we will present some of the major milestones of 2023.   In early 2023, CNIL reminded organizations to stay updated on data protection laws and adapt practices to

EDPB publishes urgent binding decision regarding Meta

EDPB publishes urgent binding decision regarding Meta, emphasizing the company’s obligation to provide clear, transparent information to users about how their data is being used.   The European Data Protection Board (EDPB) recently published an urgent binding decision regarding Meta, the technology conglomerate, also known as Facebook. This decision marks an important development in data

Developing the EU AI Act: EU lawmakers discuss revised governance structure

In developing the EU AI act, the European Union is actively working on establishing comprehensive regulations to guide the responsible development and use of artificial intelligence.   In an era characterized by rapid advancements in technology, the European Union continues to address the challenges and opportunities presented by artificial intelligence (AI). EU lawmakers have been

EU Data Act: An update on the agreed text

In June 2023, policy makers reached an agreement on the EU Data Act, initially proposed in February, 2022.   The European Union’s Data Act, proposed in February 2022, is set to revolutionise the EU data economy. The Act is designed to foster data sharing and use across the EU, leveraging data as a critical asset