On January 17, 2024, the European Data Protection Board (“EDPB”) published its report on the 2023 Coordinated Enforcement Framework (“CEF”), which examines the current landscape and obstacles faced by data protection officers (“DPOs”) across the EU. In particular, the report provides a snapshot of the findings of each supervisory authority (“SA”) on the role of
Inside Privacy Blogs
Latest from Inside Privacy
California Privacy Protection Agency Issues Enforcement Advisory on Data Minimization
On April 2, the Enforcement Division of the California Privacy Protection Agency issued its first Enforcement Advisory, titled “Applying Data Minimization to Consumer Requests.” The Advisory highlights certain provisions of and regulations promulgated under the California Consumer Privacy Act (“CCPA”) that “reflect the concept of data minimization” and provides two examples that illustrate how
CPPA Executive Director Remarks on Policy and Enforcement Priorities
On April 3, at the International Association of Privacy Professionals’ global privacy conference, California Privacy Protection Agency (“CPPA”) Executive Director Ashkan Soltani gave remarks on his agency’s priorities with respect to rulemaking and administrative enforcement of the California Consumer Privacy Act (“CCPA”). Below we provide a few key takeaways:
EHDS Series – 3: The European Health Data Space from the Health Data User’s Perspective
In early March 2024, the EU lawmakers reached agreement on the European Health Data Space (EHDS). For now, we only have a work-in-progress draft version of the text, but a number of interesting points can already be highlighted. This article focusses on the obligations of data users; for an overview of the EHDS generally, see
EHDS Series – 2: The European Health Data Space from the Health Data Holder’s Perspective
In early March 2024, the EU lawmakers reached agreement on the European Health Data Space (EHDS). For now, we only have a work-in-progress draft version of the text, but a number of interesting points can already be highlighted. This article focusses on the obligations of data holders; for an overview of the EHDS generally, see
U.S. Tech Legislative, Regulatory & Litigation Update – First Quarter 2024
This quarterly update highlights key legislative, regulatory, and litigation developments in the first quarter of 2024 related to artificial intelligence (“AI”), connected and automated vehicles (“CAVs”), and data privacy and cybersecurity. As noted below, some of these developments provide industry with the opportunity for participation and comment.
Kentucky Passes Comprehensive Privacy Bill
Earlier this month, the Kentucky legislature passed comprehensive privacy legislation, H.B. 15 (the “Act”), joining California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Oregon, Texas, Florida, Delaware, New Jersey, and New Hampshire. The Act is awaiting the Governor’s signature. If signed into
EHDS Series – 1: Five Key Take Aways on Secondary Use of Health Data
In early March 2024, the EU lawmakers reached agreement on the European Health Data Space (EHDS). For now, we only have a work-in-progress draft version of the text, but a number of interesting points can already be highlighted.
We expect the final text of the EHDS to be adopted by the European Parliament in April
German Government Proposes to Amend Federal Data Protection Act
On February 7, 2024, the German Federal Cabinet approved a draft law (“the Draft Law”) amending the Federal Data Protection Act (“BDSG”). The Draft Law will now go to the Bundesrat (the legislative body that represents the sixteen Länder (federated states) of Germany at the federal level ) for its opinion and then to the
Florida Enacts Social Media Bill Restricting Access for Teens Under the Age of Sixteen
On Monday, March 25, Florida Governor Ron DeSantis signed SB 3 into law. At a high level, the bill requires social media platforms to terminate the accounts of individuals under the age of 14, while seeking parental consent for accounts of those 14 or 15 years of age. The law will become effective January 1,