Showing 13 posts in GDPR.
The practical effect of the GDPR in connection with domain name enforcement can leave (and should leave) even the staunchest supporters of data privacy rights scratching their heads. Read More ›
On Monday, France’s data protection authority (CNIL) levied the largest fine to date arising from violations of the European General Data Protection Regulation (GDPR) by fining Google 50 million euros (more than $56 million) for Google’s lack of transparency, inadequate information, and lack of valid consent regarding advertisement (ads) personalization. Read More ›
Businesses not located in the European Union have tried to understand whether the General Data Protection Regulation (GDPR), which became law on May 25, 2018, applies to them. And if it does, or if it might, one of the puzzles has been whether a non-EU business needs to appoint a natural person or legal entity to be its “representative” or a natural person to be its “Data Protection Officer” for dealing with EU and its Member States’ Data Protection Authorities (DPAs). This podcast focuses on that question. Read More ›
It’s June 1, 2018, one week after the General Data Protection Regulation of the European Union became law, not only in the EU but also for businesses subject to its global grasp. How did U.S. businesses deal with it? And what’s its immediate impact on how U.S. businesses address personal information they have? The Data Privacy Detective turns the magnifying glass to this question, focusing on small and mid-sized (SME) U.S. businesses that hold personal data of Europeans. Read More ›
GDPR, the European Union’s effort to protect personal data, has dominated the efforts of businesses to deal with personal data across borders. Less noticed is China’s evolving system of controlling, regulating and protecting the personal information of its people. On May 1, 2018, China issued standards for personal information protection. Read More ›
In our prior podcast, the Data Privacy Detective explored how non-EU businesses can determine if they are subject to the General Data Protection Regulation of the EU and how they can comply regarding the transfer of personal data from sources in the European Union. One approach of U.S. businesses is to sign up for the U.S./EU Privacy Shield and its Swiss companion. Read More ›
Data Privacy Detective Podcast - Episode 18 - How businesses outside the EU can comply with the GDPR
In this and the next podcast, the Data Privacy Detective turns a magnifying glass to how businesses located outside the EU can gather and use personal data that originates in the EU without violating the GDPR. Read More ›
The European Union’s General Data Protection Regulation, the GDPR, becomes directly applicable law on May 25, 2018. The Data Privacy Detective explored in prior podcasts the broad scope of personal data, the differences between controllers and processors and other matters, including how processing can be lawful. That includes several specific, limited instances when acquisition and use of personal data can be legitimate in the absence of express consent of the persons whose data are held. Read More ›
The EU’s GDPR – the General Data Protection Regulation – becomes law on May 25, 2018. This podcast explores what processing of personal data as defined by the GDPR is considered lawful. Read More ›
In this fourth podcast about the General Data Protection Regulation that becomes law in the European Union (EU) on May 25, 2018, we ask what personal data are covered by the GDPR and what are not. The GDPR defines personal data very broadly. But it is not an all-encompassing effort to protect all personal data from every conceivable use or misuse. Read More ›
Ask the Blogger
Do you have a topic that you would like discussed in a future blog article? Please let us know. If you have a confidential question regarding a blog article, please feel free to contact the article's author directly, or let us know if you would like for someone to contact you directly.
Melissa A. Kern 's practice is focused on counseling on privacy and data security compliance and best practices, negotiating and drafting intellectual property agreements, copyright protection and enforcement, and information technology.