Washington Privacy Act stalls for the third year in a row
Washington’s Privacy Act has not been passed by the state’s House of Representatives, meaning Sunday’s deadline to advance the bill this session has been missed.
US options to resolve Schrems II outcome spelt out
Authorities in the US have three ways of overcoming commercial data transfer difficulties created by the Schrems II ruling from the Court of Justice of the European Union (CJEU), according to the Congressional Research Service.
A quick glance at the current state of US privacy laws
Confused about the state of play when it comes to the varying United States’ privacy laws? Here is an at-a-glance reminder of where we are in several states ahead of PrivSec Global’s panel, US Privacy: The Year for Change?
California appoints members of privacy protection agency board
The five members of the inaugural board for the California Privacy Protection Agency (CPPA) have been named.
Anti-trust complaint against Google widened to include Privacy Sandbox
A coalition of US states led by Texas has amended its lawsuit against Google, claiming anti-trust violations through the company’s efforts to boost its dominant advertising business.
US lawmaker proposes Federal Privacy Bill to Congress
Democratic representative Suzan DelBene has reintroduced a bill aimed at creating a national standard for digital privacy rights in the United States.
US state accused of excessive data collection prior to breach
Lawmakers in Washington state have questioned the extent of information collected by the state’s Employment Security Department (ESD) for fraud-monitoring purposes.
Virginia becomes second US state to enact comprehensive data privacy law
Virginia’s Consumer Data Protection Act, which will force companies to give consumers the right to opt out of data collection, has this week been signed into law.
Data adequacy: a flawed concept?
Following Schrems and Brexit, international data-sharing and the concept of adequacy has dominated much of the global news on data protection. But is adequacy itself a flawed concept? Marty Abrams explains why he thinks we need a better alternative
Facebook to pay $650m to settle privacy dispute over photo-tagging
A United States federal judge has reportedly approved Facebook’s $650 million payment to settle a class action privacy lawsuit with 1.6 million users in the state of Illinois
Epsilon agrees to pay $150m fine to DoJ for selling data to fraudsters
Marketing company Epsilon Data Management has agreed a $150m settlement with the United States’ Department of Justice (DoJ) to resolve a criminal charge for selling data on more than 30 million Americans to perpetrators of fraud schemes who were targeting older people.
Marriott wins US data hack lawsuit
A US district court judge has dismissed a case against Marriott following a cybersecurity breach affecting around 5.2 million of the luxury hotel chain’s customers
GDPR and CCPA: where the differences lie
California’s Consumer Protection Act in many ways looks like the General Data Protection Regulation, but there are some significant differences. Darren Wray provides a handy guide to understanding how the two pieces of legislation differ from each other.
EDPB issues draft guidance on supplemental measures for data transfers
The European Data Protection Board (EDPB) has recommended measures to supplement personal data transfer tools to ensure compliance with EU standards when transferring data to non-EU “third countries”.
US privacy: a new world?
PrivSec Report looks at the current landscape in the US for privacy and assesses the prospect of a federal privacy law.
California’s Proposition 24 has been passed by voters
“Proposition 24” has been passed by voters, with 56.1% of the 10.5m votes in California cast in favour and with it, new privacy protections will come into law. PrivSec Report takes a look at some of the reactions to the Act’s provisions and finds out why some in the privacy world are not huge fans.
Facebook launches legal action against IDPC over proposed halt to EU-US data transfers
Facebook has begun legal action against the Irish Data Protection Commission (IDPC).
TikTok fights US ban in federal court challenge
Tiktok has gone to court to challenge Donald Trump’s executive order banning US transactions with its owner.
Tech lawyer explains CJEU’s ruling on Standard Contractual Clauses
Technology lawyer, GDPR expert, and European Commission’s Cloud Computing Expert, Maciej Gawroński from Gawroński & Partners talks to PrivSec to offer up his first reactions to the ruling and to provide clarity on the technicalities of the CJEU’s validation of Standard Contractual Clauses.
Post-Brexit UK adequacy decision at risk
The EU’s data protection watchdog has said that the UK-US agreement entered into in 2019 could undermine the UK’s chances of receiving an adequacy decision
ZoomInfo sued for alleged CCPA violations
B2B intent data company Bombora has filed a lawsuit against former partner ZoomInfo for alleged violations of the California Consumer Privacy Act (CCPA).
The global evolution of data protection law
The introduction of the California Consumer Privacy Act (CCPA) at the beginning of the year continues a global trend of law-makers introducing new and more stringent rules for companies using individuals’ data.
