Cookies, Tracking & Online Behavioral Advertising

Currently there are two trends on cookie consent banner design – either (1) the “Accept All” and “Reject All” options are shown in the first layer of a cookie consent management solution, or (2) only the “Accept All” option is shown in the first layer together with a link to the second layer of the cookie consent management solution where the user can reject to the use of non-essential cookies. There is more clarity on the views of the UK data protection authority on whether a “Reject All” option in the first layer of a cookie consent management solution is required.Continue Reading “Reject All” button in cookie consent banners – An update from the UK and the EU

On 9 August 2023, the Information Commissioner’s Office (ICO) and the Competition and Markets Authority (CMA) published a joint position paper on Harmful Design in Digital Markets (Harmful Designs Paper) that urges businesses to stop using harmful website designs that exploit customers by encouraging them to provide more personal data than necessary. The regulators are

The Summer 2023 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:

English version
German versionContinue Reading Get your Update on IT & Data Protection Law in our Germany Newsletter (Summer 2023 Edition)

The EDPB 101 Task Force published a report summarizing its assessment on international data transfers in connection with the use of tracking and analytics cookies (Tracking Cookie). The report is available here. The 101 Task Force comprises of representatives of the supervisory authorities in the EU (SA) and was created back in 2020, in response to the 101 complaints filed by NYOB, a data privacy activism group, regarding data transfers in connection with the use of Tracking Cookies.Continue Reading Cookies and international data transfers: Key takeaways from the EDPB 101 Task Force report

The winter 2023 edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:

English version

German versionContinue Reading Get your update on IT & data protection law in our newsletter (Winter 2023 edition)

On the 18th of January, the EDPB published the adopted report of the work undertaken by the Cookie Banner Taskforce. The Cookie Banner Taskforce was established in September 2021 in accordance with article 70(1) (u) GDPR to coordinate the response to complaints concerning cookie banners filed with several supervisory authorities by the non-profit organization, NOYB, run by Max Schrems. The aim of this Taskforce was to promote cooperation, information sharing, and best practices between the supervisory authorities.Continue Reading EU-Cookie banner taskforce report: what you need to know

The Summer 2022 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:

English version

German versionContinue Reading Get your Update on IT & Data Protection Law in our Newsletter (Summer 2022 Edition)

On March 8th, the Children’s Advertising Review Unit (“CARU”), a FTC-approved safe harbor organization that monitors compliance with the Children’s Online Privacy Protection Act (“COPPA”), announced it had found TickTalkTickTalk––a children’s smart watchmaker and one of CARU’s member organizations—in violation of COPPA and CARU’s privacy guidelines.
Continue Reading Kids’ Smart Watchmaker Updates Privacy Practices at Safe Harbor’s Direction

The Winter 2022 Edition of the quarterly IT & Data Protection Newsletter by Reed Smith Germany has just been released:

English version

German versionContinue Reading Get your Update on IT & Data Protection Law in our Newsletter (Winter 2022 Edition)

There’s no doubt 2022 will be a big year for data privacy compliance with three new laws going into effect in 2023. On January 1, 2023, the California Privacy Rights Act (CPRA) will replace and amend California’s most recent, comprehensive data privacy law, the California Consumer Privacy Act (CCPA), and Virginia’s first extensive privacy law, the Consumer Data Privacy Act (VCDPA), will also go into effect. Six months later, on July 1, 2023, Colorado will make history when its first, robust privacy law, the Colorado Privacy Act (CPA), goes into effect. If keeping up with the acronyms alone is difficult, ensuring compliance will likely take some work.
Continue Reading U.S. Data Privacy Compliance Roadmap for 2022