The largest regulatory fine leveled against a company since the General Data Protection Regulation was enacted in May 2018 is poised to reshape business compliance practices across industries. In late January, CNIL fined a big-tech giant nearly $57 million, citing what the French data-protection regulator saw as failure to meet the core requirements of informed consent under GDPR. As the decision goes through appeal, the debate is far from settled about what constitutes informed consent in personal data collection. Nor will the scythe cut only the tallest grass. Read the full report.
Category Archives: Data Privacy
The countdown is on. With the California Consumer Privacy Act slated to go into effect Jan. 1, the call is growing by big tech companies and industry advocates for federal data privacy legislation to preempt differing state laws. Until that occurs, additional states are sure to follow California’s lead in enacting their own laws. Read the full report.
The enactment of more stringent data privacy laws by states and foreign governments is prompting a more unified approach by the federal government, beyond the industry-specific regulations that dictated past approaches. Congressional response follows the European Union’s May 2018 implementation of the General Data Protection Regulation. Read more.
Though the EU’s first big data privacy law in 23 years is now in force, there’s little consensus on the General Data Protection Regulation. Data experts say GDPR— whose 99 articles govern an individual’s right to privacy and ultimate ownership of personal data—is the most complex regulation the EU has ever produced. The law’s brevity may contribute to the lack of consensus. The language of its slim 87 pages leaves a lot of room for interpretation. This includes both the definition of personal data and a special emphasis where artificial intelligence is concerned. GDPR requires the subject’s consent for any […]