On August 24, 2023, some members of the Global Privacy Assembly’s International Enforcement Cooperation Working Group published a joint statement on data scraping (Statement). Signatories to the Statement include the privacy regulators of the UK, Australia, Argentina, Canada, Colombia, Hong Kong, Jersey, Mexico, Morocco, New Zealand, Norway, and Switzerland.[1] Notably absent from the list of … Continue Reading
On September 6, 2023, the European Commission (EC) returned from its summer break with full force and announced the designation of six tech companies as so-called “gatekeepers” under the EU’s Digital Markets Act (DMA) and published a Q&A document. The six companies are predominantly American, with one Asian company represented and no European: Alphabet, Amazon, Apple, … Continue Reading
On August 9, 2023, the UK’s Information Commissioner’s Office (ICO) and Competition and Markets Authority (CMA) released a joint position paper (the Paper) focused on “harmful” website design practices that may “trick” consumers into giving more access to their personal information. The Paper is targeted at web designers and developers, and it will be particularly … Continue Reading
On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers of personal data from the EU to the U.S., and allowing companies to simplify their compliance with EU data flow restrictions. … Continue Reading
In a landmark judgment issued on July 4, 2023, the European top court, the Court of Justice (ECJ), ruled that competition authorities in the EU can consider a company’s compliance with the EU’s data protection rules when assessing whether it abused its dominant position. In addition, the ECJ ruled on important General Data Protection Regulation … Continue Reading
On July 4, 2023, the European Commission (EC) published its proposal for a regulation laying down additional procedural rules for the enforcement of the EU General Data Protection Regulation (GDPR) (proposal). The proposal focuses on procedural issues relating to handling complaints and conducting investigations in cross-border cases.1 The proposal adds to the procedural rules laid down in the … Continue Reading
A significant milestone in the legislative process of the AI Act has been reached with the vote of the European Parliament (EP) on June 14, 2023. The text now enters a new phase, during which all three EU institutions (the Council of the EU (Council), the EU Commission (EC), and the EP) will work towards an agreement … Continue Reading