Data Privacy Dish

Updates on the Evolving Data Protection Landscape

Greenberg Traurig, LLP shareholders Ian C. BallonKate Black, and Gretchen A. Ramos will speak at the 2019 Privacy + Security Forum Oct. 14 – 16 at the George Washington University Marvin Center in Washington, D.C. The annual forum brings together thought leaders from across the privacy and security sector to discuss the latest trends and issues facing those industries. Speakers include privacy and security professionals, attorneys, academics, policymakers, and more. Read more
On the heels of the California Attorney General’s release of the draft California Consumer Privacy Act (CCPA) Regulations, on Friday Gov. Newsom signed seven bills amending various provisions of the CCPA. The relevant amendments signed by the governor are described below. With less than three months before the CCPA becomes effective on January 1, 2020, businesses will now need to take into account these amendments as they continue their compliance efforts. Click here to
On Oct. 10, 2019, the California Attorney General’s Office issued the California Consumer Privacy Act Proposed Regulations. The proposed regulations focus on the following CCPA provisions: notice to consumers; business practices for handling requests; verification of requests; special rules regarding minors; and nondiscrimination. Organizations will have until December 8 to submit comments on the proposed regulations, and four public hearings will be held in early December to collect further comments. Summary While the proposed…
On October 1, 2019 the Court of Justice of the European Union (CJEU) issued a new judgment on the use of cookies which, under the EU E-Privacy Directive, requires users’ informed consent. The court decided that the cookies consent cannot be obtained by using a pre-ticked consent checkbox; and information must be provided to users which includes the duration of the operation of cookies and whether third parties may have access to the cookies. Background…
On Sept. 24, 2019, the Court of Justice of the European Union (CJEU) decided that the “right to be forgotten” does not require a search engine operator to carry out de-referencing on non-EU member state versions of its search engine. Background The case relates to a penalty of €100,000 that the French data protection authority, CNIL, had imposed on Google in March 2016. In granting a de-referencing request, the search engine – on free speech…
As state legislatures across the country adjourn for summer recess, privacy legislation has stalled in many states. Nevertheless, organizations should be aware of several developments on the horizon, including: Nevada’s new opt-out law is effective October 1, 2019, less than six weeks from today; California’s legislature is set to finalize proposed amendments to the California Consumer Privacy Act (CCPA) in the next month, and the CA Attorney General’s Office (AG) will be publishing proposed regulations…
Rebekah S. Guyon of global law firm Greenberg Traurig, LLP recently spoke at the event, “California Consumer Privacy Act and How It May Affect Our Digital Products,” held on Aug. 8 at the firm’s Los Angeles office. The event was co-sponsored by the Century City Bar Association (CCBA) and Product Managers Association (PMA) of Los Angeles. Guyon, an associate in Greenberg Traurig’s Los Angeles office and a member of the firm’s Data, Privacy &
On July 29, 2019, the Court of Justice of the European Union (CJEU) found that a website operator using a social media plugin is a joint controller with the social media company providing the plugin and can be held jointly liable in relation to such processing activities. Although the case was decided under the Privacy Directive 95/46, since the ruling concerns definitions that also exist under the General Data Protection Regulation (GDPR), website operators should…
It has been over a year since the General Data Protection Regulation (GDPR) came into force – and it did so with great fanfare. The GDPR had the effect of overhauling how personal data is dealt with across Europe, introducing the ‘gold standard’ of protection for the rights and freedoms of EU data subjects. At the same time the UK enacted the Data Protection Act 2018 (DPA). By far the most radical change implemented by…
Nearly every day we learn of another company leaving tens or hundreds of millions of pieces of data or personally identifiable information on an unsecured database for anyone to see (or steal). It is no wonder, then, that the SEC’s office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert on the importance of storing customer and data in a cloud environment in a secure fashion. The Risk Alert, titled “Safeguarding Customer Records…