To our valued readers of the Chronicle of Data Protection blog: we are changing how we deliver our content. As of today, we have moved the blog to a new technology platform: Hogan Lovells Engage.
Our Blog is Moving!
Latest from HL Chronicle of Data Protection
Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights
The Dutch Data Protection Authority issued a EUR 830,000 (approximately USD 937,000) fine against the Dutch Credit Registration Bureau for violating data subject rights. The fine stems from BKR’s practice of charging fees and discouraging individuals who wanted to access
California Privacy Rights Act to Appear on November 2020 Ballot
It’s official. The California Privacy Rights Act has received enough valid signatures to appear on the November 2020 ballot. And if polling from late last year remains accurate, California voters are likely to approve it. If voters approve the initiative,
Belgian DPA Issues Guidance on Temperature Measurements in the Context of COVID-19
On 5 June 2020, the Belgian Data Protection Authority issued a guidance regarding temperature screenings within the context of the return-to-work policies developed by companies following the COVID-19 pandemic. In the guidance, the Belgian DPA addresses, among others, the privacy
Cyber Investigations and Privilege: Court Finds Forensic Report not Covered by Work Product Doctrine
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in July 2019. The court found that
California AG Submits CCPA Regulations for Approval – Requests Expedited Review Ahead of July 1 Enforcement Deadline
On June 1, The California Attorney General submitted the final text of the CCPA regulations to the California Office of Administrative Law for approval. Though regulations submitted to the OAL in June ordinarily would not become effective—if approved—until October 1,
Facial Recognition Challenged by French Administrative Court
In a decision dated 27 February 2020, the French Administrative Court of Marseille invalidated the deliberation of the Provence-Alpes-Côte d’Azur Regional Council which allowed to set up, on an experimental basis, a facial recognition mechanism in two high schools in
EDPB Signals Efforts on International Data Transfers as CJEU Review of Current Tools Draws Near
The European Court of Justice recently published plans to issue its much awaited decision in CJEU case C-311/18 on July 16. The ruling will impact how organizations lawfully transfer personal data from the EEA to jurisdictions not providing an “adequate”
Brazil Update: Congress Sends Bill Delaying LGPD Sanctions but not Effective Date to President
As previously reported, Brazilian lawmakers have been debating a delay to the LGPD, which was scheduled to come into effect August 15, 2020, in response to COVID-19. The Brazilian Senate first passed Bill 1,179/2020, and Brazil’s President later enacted Provisional
California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative
The California Privacy Rights Act is progressing through California’s elections process for inclusion on the November 2020 ballot. Businesses may want to begin considering how their data privacy obligations in California may change if voters enact CPRA. The CPRA would