Loading

Category: GDPR

GDPR

Web Scraping is almost always unlawful under the GDPR

Under the GDPR, web scraping is almost always unlawful, except for in very few exceptional cases.    The automatic collection and storage of information from the Internet is referred to as web scraping. Through this process, a computer program automatically extracts data from the internet, for example by scanning social media platforms. Scraping involves the

Facial Recognition Technology: legal clarification from the Netherlands DPA

Netherlands DPA (AP) clarifies legal questions regarding the use of Facial Recognition Technology under the GDPR.   The Dutch Data Protection Authority, Autoriteit Persoonsgegevens (AP) has published a new guide that addresses and clarifies frequently asked legal questions about the use of facial recognition technology. The document is primarily designed for privacy professionals and organisations

Unlawful use of data results in significant fine for canvassing company

Unlawful use of data results in significant fine for canvassing company A company was fined by CNIL for unlawfully using data obtained from a data broker for commercial prospecting purposes.    On April 4, 2024, the French data protection authority, CNIL, imposed a significant fine of 525,000 euros on the company HUBSIDE.STORE. The fine was

”Pay or ok” — Does this new paid subscription model invalidate consent?

There has been much debate about the validity of consent under the GDPR as it relates to the “Pay or ok” paid subscription model on social media and other platforms and websites.   Since November 7, European users of Facebook and Instagram have had the option to pay a subscription in exchange for an ad-free

The Indiana Consumer Data Protection Act: continuing the trend of state level Privacy law in the US

Many US states, including Indiana, have implemented comprehensive privacy laws to protect residents’ information, following trends set by the EU GDPR and fellow US States.   With the rise of data breaches and the increasing use of technology in everyday life, many US states have taken it upon themselves to enact comprehensive privacy laws safeguarding

The Delaware Personal Data Privacy Act: A Comprehensive Overview

With the introduction of the Delaware Personal Data Privacy Act, Delaware has joined the ranks of US states with their own consumer privacy laws.   Governments worldwide are enacting legislation to safeguard individuals’ sensitive information and hold businesses accountable for its protection. The Delaware Personal Data Privacy Act (DPPA) is one such regulation that aims

European Data Act enters into force

The European Data Act has entered into force, implementing new rules for a fair and innovative data economy.   The European Data Act recently coming into effect marks a pivotal moment in strengthening data protection measures within the European Union. This legislation aims to establish a framework that ensures a fair and innovative data economy,

EDPB publishes urgent binding decision regarding Meta

EDPB publishes urgent binding decision regarding Meta, emphasizing the company’s obligation to provide clear, transparent information to users about how their data is being used.   The European Data Protection Board (EDPB) recently published an urgent binding decision regarding Meta, the technology conglomerate, also known as Facebook. This decision marks an important development in data

UK-US Data Bridge heralds a new era of transatlantic data flow

Alongside the EU- and Swiss-US Data Privacy Frameworks, the implementation of the UK-US Data Bridge heralds a new era of transatlantic data flow, emphasizing the importance of data protection.   On 12th October 2023, a significant milestone was achieved as the UK-US Data Bridge officially became law, marking a new era of transatlantic data flow.

Virginia Consumer Data Protection Act

The Virginia Consumer Data Protection Act (VCDPA) is a key US legislation aimed at protecting consumer data by establishing clear guidelines for businesses.   The Virginia Consumer Data Protection Act (VCDPA), which was signed into law on March 2, 2021, and came into force on January 1, 2023, aims to protect the personal data of