Author

Harry Valetk

Browsing

In its “Schrems II” opinion issued July 16, the Court of Justice of the European Union did not reach any findings on the EU Commission’s decisions 2001/497/EC or 2004/915/EC, i.e., the standard contractual clauses for the transfer of personal data to controllers. However, the rationale behind the CJEU’s ruling on the controller-to-processor SCCs, as well as on the EU-U.S. Privacy Shield, suggests two things with respect to controller-to-controller SCCs: The additional measures for transfers under C2P SCCs…

Digital assets vary. They can be a virtual currency that has no analog in the real world, and exists only on the blockchain used as a substitute for money. For this reason, virtual currencies are generally considered to be secure and offering a high degree of privacy. A recent decision from a US federal court of appeals, however, may cast a different light on this generally held view. USA v. Gratkowski In United States v.…

Launched on June 2, the French mobile tracing app for COVID-19, “StopCovid,” has been voluntarily downloaded by 1.9 million users within three weeks. On June 3, the French Data Protection Authority (the CNIL) published its second opinion on StopCovid, relating to the implementation of the app and the related Executive Decree No. 2020-650 and to the Government’s data protection impact assessment. Following its first opinion of April 24, on the principle of the use of a…

On May 1, 2020, the Province of Alberta launched ABTraceTogether, an Android and iOS compatible contact tracing app users voluntarily download for tracing and notifying users who may have been exposed to COVID-19. ABTraceTogether is used by Alberta Health and Alberta Health Services (AHS) to supplement manual contact tracing completed by public health officials. ABTraceTogether was announced just prior to the issuance in May 2020 of joint guidance by the federal and provincial privacy commissioners…

For those privacy buffs following the status of the California Privacy Rights Act ballot initiative (CPRA), today is the much-anticipated deadline to officially decide whether the CPRA will qualify for the Fall 2020 ballot in November. The final answer? Yes, it will. Background CPRA (which was introduced by the Californians for Consumer Privacy in January 2020) is a ballot initiative that would both expand the scope of the existing California Consumer Privacy Act (CCPA) and…

Brazil’s government has decided to postpone the effective date of its new comprehensive data protection law. On June 12, 2020, the Brazilian government published Law No. 14,010/20, which postpones the effective date of articles 52, 53, and 54 of the Brazilian General Data Protection Law (LGPD) to August 1, 2021. Those articles establish administrative sanctions that may be applied by the Brazilian Data Protection Authority (ANPD) for LGPD violations. Background and Effect of Brazilian General…

On June 1, 2020, in a surprise, last-minute filing, the office of the California Attorney General submitted the final CCPA final California Consumer Privacy Act (CCPA) proposed regulations to the California Office of Administrative Law (OAL). What does this mean for businesses subject to the CCPA? Under normal circumstances, the OAL would have 30 days to review the proposed regulations for procedural compliance with California’s Administrative Procedure Act; however due to the COVID-19 pandemic, this timeframe…

While director and officer liability (D&O) claims arising out of cybersecurity events are not new, COVID-19 has increased those risks and created fertile ground for litigation and personal liability. Executive oversight of cybersecurity protocols and practices will no doubt be tested by the myriad of new challenges related to post-COVID exit strategies, including heightened monitoring of individuals, and disclosure requirements in the context of contact tracing. These challenges are more pronounced following the directive…

COVID-19 will end, that much we know. But when will it end, and what lasting effects will it have on our society remain the pressing questions for all of us. While many questions persist, it is certain that we have yet to see the full effects this global crisis will have on the economy. Many businesses, and perhaps entire industries, will not survive this prolonged shutdown or the changes in consumer behaviors following the exit…

The European Commission has published a Recommendation for use of technology and data to combat and exit from the COVID-19 crisis, in particular concerning mobile apps and use of anonymised mobility data. What does the Recommendation cover? The Recommendation establishes a process for developing a common approach (Toolbox) to use digital measures to address the COVID-19 crisis.  The Toolbox will include practical measures for making effective use of technology and data, focusing on a: Pan-European…