Articles from Around the Web

Roundup: EU, China, US and more

In this week’s Global News Roundup, the Court of Justice of the European Union issued a pair of decisions. One compels data controllers to identify parties they sell personal data to under the EU General Data Protection Regulation and the other affirmed EU GDPR decisions can be enforced concurrently with separate legal cases in member states. France’s data protection authority, the Commission nationale de l'informatique et des libertés, issued a 5 million euro fine to TikTok. China began enforcement of its deep synthesis regulation. And a number of U.S.

CNIL hits app developer with 3M euro fine

France's data protection authority, the Commission nationale de l'informatique et des libertés, issued a 3 million euro fine to mobile application developer Voodoo over alleged nonconsensual user tracking. The CNIL's investigation found the company applies a technical identifier that "processes the information linked to the browsing habits for advertising purposes" when a Voodoo app is downloaded from Apple's App Store.

NSA, Cyber Command director pushes for renewal of FISA Section 702

U.S. National Security Agency Director and head of U.S. Cyber Command Gen. Paul Nakasone is advocating for the renewal of a key component of the Foreign Intelligence Surveillance Act, CyberScoop reports. Nakasone recently voiced support for renewing Section 702 of FISA, which affords “intelligence agencies wide-ranging authorities to conduct surveillance of foreign persons located abroad” and said it has prevented terrorist attacks.

Meta sues analytics company for alleged data scraping; lawsuit alleges Twitter exposed PI of 200M users

Meta filed a federal lawsuit against an analytics company for allegedly creating thousands of fake Facebook profiles to scrape user data, MediaPost reports. In its lawsuit filed in U.S.

US state breach notification laws vary in consumer protections; NortonLifeLock, Air France-KLM breached

The lack of an overarching federal privacy law in the U.S. has resulted in consumers being negatively impacted when businesses experience data breaches, CyberScoop reports. Each state has different breach notification laws, and some offer less consumer protections than others.

EU NIS2 Directive takes force

The European Commission announced the NIS2 Directive, a modernized framework based on the EU Network and Information Security Directive is effective. The commission outlined how the directive "will strengthen the cybersecurity risk management requirements that companies are obliged to comply with." The regulation includes seamless incident reporting obligations with respect to the information being reported and the timeline for reporting.

Complex, fundamental questions within Irish DPC, EDPB Meta decisions

As more details unfold within the Irish Data Protection Commission and European Data Protection Board’s published Meta decisions, the privacy community is grappling with complex and fundamental questions surrounding legal bases for data processing, transparency within privacy notices, uncertainty around EU General Data Protection Regulation compliance, and more.

UK-US data flows council convenes, sets 2023 deliverables

The U.K. and U.S. governments jointly announced the results of the inaugural U.S.-U.K. Comprehensive Dialogue on Technology and Data. Following the agreement of its creation in 2021, the first annual meeting between relevant officials yielded goals to "finalize and implement a data bridge for U.S.-U.K. data flows" while collaborating to "facilitate global trusted data flows" through the Global Cross-Border Privacy Rules Forum.

A view from DC: US president re-ups call for federal privacy law

IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan, CIPP/US, CIPM, breaks down the latest privacy happenings in the nation’s capital, including musings related to U.S. President Joe Biden's public call to Congress for federal privacy legislation and reining in Big Tech.Full Story

A view from Brussels: Predictions, Swedish EU presidency, CJEU decisions and more

ISO set to adopt privacy-by-design standard

IT World Canada reports the International Organization for Standardization will adopt ISO 31700 on privacy by design Feb. 8. The new standard will not be a conformance standard when it first comes online. It features 30 requirements and guidance on privacy-by-design principles for effectuating consumer rights, relevant roles and authorities, privacy control designs and more.

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

Roundup: EU, China, US and more

CNIL hits app developer with 3M euro fine

NSA, Cyber Command director pushes for renewal of FISA Section 702

Meta sues analytics company for alleged data scraping; lawsuit alleges Twitter exposed PI of 200M users

US state breach notification laws vary in consumer protections; NortonLifeLock, Air France-KLM breached

EU NIS2 Directive takes force

Complex, fundamental questions within Irish DPC, EDPB Meta decisions

UK-US data flows council convenes, sets 2023 deliverables

A view from DC: US president re-ups call for federal privacy law

ISO set to adopt privacy-by-design standard

Don't Miss a Compliance Update.

Sign up for expert compliance insights, new law analysis,

and free resources to keep your business protected.

Search form

Search form

Search form

Articles from Around the Web

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

Don't Miss a Compliance Update.

Sign up for expert compliance insights, new law analysis,

and free resources to keep your business protected.