Updates on developments in data privacy and cybersecurity
On September 10, 2019, the Court of Justice of the European Union (“CJEU“) issued its decision in the Planet 49 case. The case centers on the consent requirements for the use of cookies.
Planet49 GmbH offered an online lottery service for which interested users had to register. The registration form asked users to tick a…
On June 27, 2019, the High Court of Frankfurt decided that a consent for data processing tied to a consent for receiving advertising can be considered as freely given under the GDPR.
The case concerned an electricity company that relied on consent obtained by another company to advertise its products and services to the claimant.…
Back in 2013, we published a blog post entitled, “European Regulators and the Eternal Cookie Debate” about what constitutes “consent” for purposes of complying with the EU’s cookie rules. The debate continues… Yesterday, the ICO published new guidance on the use of cookies and a related “myth-busting” blog post. Some of the…
On June 28, 2019, the French Supervisory Authority (CNIL) announced that it will issue new guidelines on the use of cookies for direct marketing purposes. It will issue these guidelines in two phases.
First, during July 2019, the CNIL will update its guidance issued in 2013 on cookies. According to the CNIL, the 2013 guidance…
On March 21, 2019, Advocate General Szpunar released his opinion in the Planet49 case, currently pending before the Court of Justice of the European Union (CJEU). The case centers on the use of consent for the processing of personal data and consent for the use of cookies.
Planet49 GmbH offered an online lottery service for…
On March 7, 2019, the Dutch Supervisory Authority for data protection issued guidance prohibiting the use of “cookie walls” on websites. Cookie walls require website users to consent to the placing of tracking cookies or similar technologies before allowing them access to the website. According to the regulator, it received many complaints about this practice.…
The European Data Protection Board (“Board”) released an opinion on January 23, 2019, on the intersection between the EU General Data Protection Regulation (“GDPR”) and the Clinical Trials Regulation (“CTR”). The opinion considers a Q&A on this topic prepared by the European Commission’s Directorate General for Health. The Directorate General decided to create this Q&A…
On February 1, 2019, China’s National Information Security Standardization Technical Committee (“TC260”) released a set of amendments to GB/T 35273-2017 Information Technology – Personal Information Security Specification (“the Standard”) for public comment. The comment period ends on March 3.
Although not legally binding, the Standard has been highly influential since becoming effective in May 2018, as it set out the best practices expected by Chinese regulators (see our previous blogpost on the Standard here). The Standard has been widely used by companies to benchmark their compliance efforts in China.
The draft amendments reflect Chinese regulators’ evolved thinking on a number of important topics that are hotly debated around the world, such as enhanced notice and consent requirements and requirements for target advertising. The draft amendments would also introduce new requirements for third party access to data and revise notification requirements for data beaches, among other proposed changes.
Continue Reading China Releases Draft Amendments to the Personal Information Protection Standard
On January 21, 2019, the French Supervisory Authority for data protection (“CNIL”) issued a fine of €50 million against Google for violations of the General Data Protection Regulation (“GDPR”) (the decision was published in French here). The CNIL’s decision was triggered by complaints from two non-profit organizations together representing 9974 individuals. The case raises…
On 30 November 2018, the Austrian Data Protection Authority (“DPA”) decided that the website of an online media publisher – which offers users the option to either consent to advertising cookies or pay for a subscription – gives users a free choice that is compatible with the requirements of consent under the GDPR. (The decision…
We and the third parties that provide content, functionality, or business services on our website may use cookies to collect information about your browsing activities in order to provide you with more relevant content and promotional materials, on and off the website, and help us understand your interests and improve the website. To exercise your right to opt-out of the sale or sharing of your personal information for targeted advertising purposes, click “reject.” Privacy Policy
