In March 2023, the UK government published the Data Protection and Digital Information (No. 2) Bill (the bill). If enacted, the bill will introduce significant changes to the UK’s data protection laws, with the aim
Continue Reading UK Brings Forward Legislation to Streamline the GDPR
In January 2023, the European Data Protection Board (EDPB) published a report on cookie banners (Report). The Report provides practical guidance to companies doing business in the EU on how to comply with
Continue Reading EDPB Issues Guidance on Cookie Banners
On February 24, 2023, the European Commission (EC) opened a public consultation on its initiative (Initiative) to revise procedural rules relating to the enforcement of the EU General Data Protection Regulation (GDPR). The EC invites
Continue Reading European Commission Seeks Companies’ Input on GDPR Enforcement
On November 15, 2022, the European Data Protection Board (EDPB) adopted draft recommendations (here) for data controllers when applying for approval of their binding corporate rules for international data transfers (Recommendations).
Binding corporate
Continue Reading New Draft Guidance on Binding Corporate Rules for Controllers
On December 9, 2022, the UK Government’s Department for Digital, Culture, Media, and Sport (DCMS) published a voluntary Code of Practice for App Store Operators and App Developers (Code). The Code sets out eight core
Continue Reading UK Government Publishes New Code of Practice for App Store Operators and App Developers
On February 2, 2022, the Belgian Data Protection Authority (DPA) found that the Interactive Advertising Bureau Europe (IAB) Transparency & Consent Framework (TCF), a tool used to record individuals’ online ad preferences, violates the General Data Protection Regulation (GDPR). The DPA fined IAB Europe €250,000 (approx. USD 280,000), and required IAB Europe to present an action plan to bring the TCF into compliance within two months. To reach this conclusion, the DPA concluded that:
Continue Reading Belgian DPA Finds That IAB Europe’s Cookie Consent Framework Violates the GDPR