Loading

Tag: Privacy

Tag: Privacy

COPPA Compliance in 2025: What Businesses Need to Know About Child Safety Laws

COPPA compliance is paramount for companies operating in the U.S. as this legislation remains a critical law for protecting children’s privacy. The Children’s Online Privacy Protection Act (COPPA) remains one of the most important legal safeguards in the United States, designed to protect children under 13 years old from online data collection without parental consent.

California’s Age-Appropriate Design Code: A push for increased online safety for children

California introduced the Age-Appropriate Design Code Act aimed at enhancing child online safety and data privacy.   California’s Age-Appropriate Design Code Act (CAADCA) was introduced as a groundbreaking law aimed at strengthening online protections for children under 18. Signed into law in September 2022 by Governor Gavin Newsom, the CAADCA was modeled after the UK’s

The UK’s Children’s Code: Update for businesses processing children’s data

The ICO has provided recommended business practices for businesses processing children’s data in the UK, to ensure compliance with the UK’s Children’s Code.   The UK’s Children’s Code (also known as the Age-Appropriate Design Code) sets out key data protection requirements for online services that process children’s personal data. Enforced by the Information Commissioner’s Office

Pseudonymisation guidelines adopted by the EDPB, along with steps to enhance collaboration with competition authorities

The EDPB released new guidelines on pseudonymisation and a position paper on data protection and competition law to strengthen GDPR compliance. In January 2025, the European Data Protection Board (EDPB) made a significant regulatory announcement during its plenary meeting, by adopting new pseudonymisation guidelines, as well as issuing a position paper on the interplay between

The ICO provides tips on data protection

Prioritizing data protection for your business in 2025: ICO provides tips As you undertake business operations this year, there’s one crucial element that shouldn’t be overlooked—data protection. Getting data protection right from the start will not only ensure compliance with data privacy laws but also help you build trust with customers, suppliers, and partners alike.

CNIL imposed a fine of €240,000 on KASPR for multiple GDPR violations

CNIL of France has imposed a fine of €240,000 on KASPR for multiple GDPR violations linked to the unlawful collection and retention of personal data.  KASPR, a company offering a Chrome extension to extract professional contact details from LinkedIn and other online sources, has faced regulatory action for its practices. Through its database of approximately

Coolblue was fined €40,000 for violating GDPR by unlawfully processing personal data via cookies

Coolblue was fined €40,000 by the Dutch DPA for unlawfully processing personal data via cookies, by failing to obtain explicit consent.   The Dutch Data Protection Authority (AP) recently imposed a €40,000 fine on Coolblue for unlawfully processing personal data via cookies in 2020. The violation stemmed from Coolblue’s failure to obtain explicit consent from

Draft Measures for the Certification of the Protection of Personal Information Exported Abroad published by China’s CAC

The Cyberspace Administration of China (CAC) released the draft Measures for Cross-Border Data Transfer which clarify Personal Information Protection Certification.   On January 3, 2025, the Cyberspace Administration of China (CAC) released a draft document titled “Measures for the Certification of the Protection of Personal Information Exported Abroad” (hereinafter, draft measures). These measures, comprising 20

A year of Data Protection Law: 2024 review

Throughout this year, the EU and the UK have experienced several notable developments in data protection. In this article, we will highlight some of the key milestones of 2024.   The year began with an ever relevant reminder, advising UK organisations on the transfer of personal data to the US under the UK GDPR, stressing

A Polish catering company was fined €54,600 for a data breach after an employee lost a flash drive with sensitive data.

A Polish catering company was fined €54,600 for failing to protect personal data after an employee lost a flash drive containing sensitive information, revealing vulnerabilities in the company’s data security. The Polish Data Protection Authority (UODO) recently fined Res-Gastro M. Gaweł Sp. k., a catering company in Kolbuszowa, Poland, €54,600 for failing to implement adequate