Privacy advocate groups allege that UK Test and Trace rushed the process and did not conduct the necessary data protection impact assessment that the GDPR requires for collection of personal data on this sort of scale. Read More
While confirming that SCCs are valid with the Privacy Shield gone, the CJEU underlined that they can only be relied upon when risks have been properly assessed and cannot amount to a “tickbox exercise. Read More
In a landmark decision for the EU-US data transfer regime, the European Court has struck down the EU-US Privacy Shield but given respite to Standard Contractual Clauses. Read More
What are the key steps that businesses can consider taking to ensure the business continuity of their GDPR privacy compliance programs during COVID-19 pandemic? Read More
GDPR has changed the global business landscape in three important ways since its implementation but has also fallen short in some areas from original intention. Read More
France’s data protection watchdog CNIL has published a set of guidelines to provide GDPR guidance on web scraping for direct marketing and recommended actions to businesses. Read More
European Digital Rights (EDRi) is highlighting a lack of resources for DPAs to enforce GDPR terms which leads to a pattern of uneven fines and actions in the privacy law. Read More
An open letter was published to express concerns over Irish DPA’s way of handling cases and also the confidential meetings between the authority and Facebook to discuss “consent bypass”. Read More
Even though India PDPB has replicated quite a few concepts from GDPR, there are still significant variants that require specific actions for companies to be in compliance. Read More
One big lesson from GDPR failures is the need for a data-centric approach towards privacy and data protection. What are the four steps that can help companies move towards compliance? Read More
