Inside Privacy

Updates on developments in data privacy and cybersecurity

Blog Authors

AB C D E F G HIJ K L M N O P Q R S TUV W X Y Z

Latest from Inside Privacy

Inside Privacy

Illinois Court Splits Time on BIPA Statute of Limitations

By Olivia Vega, Kathryn Cahoy & Eric Bosset

September 22, 2021

An Illinois state appellate court recently issued a ruling that could reduce defendants’ litigation exposure on certain types of Biometric Information Privacy Act (“BIPA”) claims. On September 17, the panel clarified in Tims v. Black Horse Carriers, Inc., 2021 IL App (1st) 200563 (1st Dist. Sept. 17, 2021), that the statutes of limitation applicable to BIPA claims vary depending on the nature of the claim. Claims for failing to provide a written retention policy, give…

Inside Privacy

COVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits

By Danielle Kehl & Libbie Canter

September 17, 2021

As COVID-19 vaccination becomes required in more personal and professional contexts, several different frameworks have emerged that propose both guiding principles and technical requirements for vaccine verification systems, including those developed by the World Health Organization (WHO) and the Good Health Pass Collaborative (GHPC).…

Inside Privacy

FTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices

By Libbie Canter, Anna D. Kraus & Tara Carrier

September 17, 2021

On September 15, the Federal Trade Commission (“FTC”) adopted, on a 3-2 party-line vote, a policy statement that takes a broad view of which health apps and connected devices are subject to the FTC’s Health Breach Notification Rule (the “Rule”) and what triggers the Rule’s notification requirement. The Rule was promulgated in 2009 under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. Under the Rule, vendors of personal health records that are…

Inside Privacy

Irish DPC Finds Against WhatsApp

By Marie Daly

September 13, 2021

On Thursday, September 2, 2021, the Irish Data Protection Commission (“DPC”) published its decision in the long-awaited inquiry it initiated into the data processing of WhatsApp Ireland Limited (“WhatsApp”) in December 2018. It finds against WhatsApp, imposing a fine of €225 million.…

Inside Privacy

California Privacy Protection Agency Seeks Comments on Preliminary CPRA Issues

By Lindsey Tonsager & Alexandra Scott

September 10, 2021

The California Privacy Protection Agency (CPPA), which is responsible for issuing regulations implementing the California Privacy Rights Act (CPRA), has posted its approved discussion draft for seeking public comments in preparation for its CPRA rulemaking activities. The CPPA indicated that it is particularly interested in receiving comments on the following eight topics:…

Inside Privacy

12 Eye-Catching Proposals In The UK Government’s Plan To Reform UK Data Protection Law

By Mark Young

September 10, 2021

There have been many headlines today about the UK Government’s plans to reform UK data protection law. We are still reviewing the (near 150-page) consultation document, but set out below a dozen proposals that we thought might pique the interest of readers of our blog.…

Inside Privacy

UK ICO’s Children’s Code Transition Year Ends and ICO Approves Related Certification Schemes

By Dan Cooper, Mark Young, Sam Jungyun Choi & Jiayen Ong

September 10, 2021

On 2 September 2021, the transition year for the Children’s code (or Age Appropriate Design Code) published by the UK Information Commissioner (“ICO”) ended. The ICO’s Children’s code was first published in September 2020, with a 12-month transition period. In an accompanying blog, the ICO has stated that it will be “proactive in requiring social media platforms, video and music streaming sites and the gaming industry to tell [the ICO] how their services are…

Inside Privacy

Data Divergence: A Brexit Dividend?

By Thomas Reilly

September 8, 2021

On 26 August 2021, the UK Government unveiled a package of announcements which effectively set out its post-Brexit data strategy. This blog looks at the politics around the costs and benefits of a Brexit divergence dividend in this sector, which the UK Government views as a key area of competitive advantage.…

Inside Privacy

Swiss Federal Data Protection Authority Recognizes the New EU Standard Contractual Clauses as a Lawful Mechanism to Transfer Personal Data Outside of Switzerland

By Dan Cooper & Anna Oberschelp de Meneses

September 8, 2021

On August 27, 2021, the Swiss Federal Data Protection Authority announced that it recognizes the EU recently approved standard contractual clauses as a transfer mechanism to transfer Swiss personal data to non-adequate countries (see here and here). However, the standard contractual clauses will need to be adjusted to meet the requirements of the Swiss Ordinance to the Federal Act on Data Protection (“FADP”).…

Inside Privacy

Analyzing China’s PIPL and How It Compares to the EU’s GDPR

By Yan Luo & Zhijing Yu

August 25, 2021

On Aug. 20, 2021, the Standing Committee of China’s National People’s Congress promulgated China’s Personal Information Protection Law, which will take effect Nov. 1, 2021. Serving as China’s first comprehensive law in the personal information protection area and based on China’s Constitution, the PIPL aims to “protect the rights and interests of individuals,” “regulate personal information processing activities,” and “facilitate reasonable use of personal information” (Article 1).…

Inside Privacy

Updates on developments in data privacy and cybersecurity

Blog Authors

Illinois Court Splits Time on BIPA Statute of Limitations

COVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits

FTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices

Irish DPC Finds Against WhatsApp

California Privacy Protection Agency Seeks Comments on Preliminary CPRA Issues

12 Eye-Catching Proposals In The UK Government’s Plan To Reform UK Data Protection Law

UK ICO’s Children’s Code Transition Year Ends and ICO Approves Related Certification Schemes

Data Divergence: A Brexit Dividend?

Swiss Federal Data Protection Authority Recognizes the New EU Standard Contractual Clauses as a Lawful Mechanism to Transfer Personal Data Outside of Switzerland

Analyzing China’s PIPL and How It Compares to the EU’s GDPR

Stay Connected

Company

Products

Support

New to the Network