Tag Archives: consent

Spanish DPA fines Facebook €1.2 million for data protection infringements

The Spanish Data Protection Authority (AEPD) has imposed a fine of €1.2 million against Facebook following its investigation into whether Facebook’s data processing activities were in accordance with the Spanish Data Protection Act (Law 15/1999) (the Act). In its decision, the AEPD concluded that Facebook had committed serious breaches of the Act, as discussed further … Continue Reading

Lyft Faces Second Wave of TCPA Litigation for Sending Autodialed Texts

Lyft, Inc. – the popular ride hailing service featuring the iconic pink moustache – is facing a second class action lawsuit in California alleging violations under the Telephone Consumer Protection Act (“TCPA”). This alleges that Lyft sent unwanted and unsolicited text messages to cellphones using an automated dialing system without first obtaining express written consent … Continue Reading

Optical Express appeal highlights the need for caution over third-party marketing lists

In a decision of 31 August 2015, the First-Tier Tribunal provided important clarification on the use of third-party mailing lists. Optical Express v Information Commissioner (EA/2014/0014) is significant for organisations that use or are considering using such lists. The case was concerned with an appeal by Optical Express (‘OE’) against an Enforcement Notice issued by … Continue Reading

EU Art. 29 Confirms Cookie Rules Apply to Digital Fingerprinting

The Article 29 Data Protection Working Party (Working Party) released Opinion 9/2014 on ePrivacy Directive 2002/58/EC (amended in 2009), stating that the consent and transparency mechanisms apply to digital fingerprinting of devices (Opinion). The Working Party issued the opinion to clarify that consent was required and to end “surreptitious tracking” of users in light of … Continue Reading

Italian Data Protection Authority issues new EU guidelines

This post was also written by Matthew N. Peters. In early May the Italian data protection authority (“Garante”) issued “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies” (“Guidelines”).  These are intended to provide clarity on the application of Legislative Decree No. 69/2012 (the “2012 Act”), which implemented the EU Cookie Directive in Italy. The … Continue Reading

Japan promotes the use of Big Data

This post was also written by Taisuke Kimoto. On May 10, the Japanese Government released a report regarding the use of personal information in Big Data applications (available in Japanese). This comes just months after Japan announced plans to provide guidance on data anonymisation as part of the ‘Japan Revitalisation Acceleration Programme’ (see our related blog). … Continue Reading

Art. 29 Working Party seeks refined definition of ‘personal data’ in the proposed General Data Protection Regulation

This post was written by Cynthia O’Donoghue. In its second opinion on the proposed Data Protection Regulation, the Article 29 Working Party suggests that a natural person can be considered identifiable when, within a group of persons, he or she can be distinguished from other members of the group and consequently be treated differently. They … Continue Reading

Privacy International publishes its analysis of the European Commission’s proposal for a General Data Protection Regulation

This post was written by Cynthia O’Donoghue. On 25 January 2012 the EC proposed a uniform legal framework for providing legal certainty on data protection. The most notable proposed change is that from a European Directive to a Regulation (the Proposed Regulation) to ensure directly enforceable implementation across all Member States. The Proposed Regulation sets … Continue Reading

France: The CNIL amends its regulation concerning the processing of client/prospect data and imposes differentiated data retention periods

This post was written by Daniel Kadar. A new regulation of the CNIL, dated 12 June 2012 and published on 13 July 2012, modifies the ways and means of collecting and processing client/prospect-related data. The regulation, issued as an amendment to the “Simplified Norm No. 48” [http://www.cnil.fr/en-savoir-plus/deliberations/deliberation/delib/184/], broadens the possibility for data controllers to make … Continue Reading

The ICC publishes its ‘UK Cookie Guide’ on 2 April 2012 to provide guidance to website operators and website users alike.

On 2 April, 2012, after almost a year of preparation, the International Chamber of Commerce UK (“ICC”) launched its UK Cookie Guide designed to help website operators and website users comply with new EU rules on the use of cookies. The ICC hopes that if the Guide becomes widely adopted by website operators, then users will … Continue Reading

A Seasonal Reminder for Your New Year’s To-Do List – Implement Your Cookie Action Plan for a “Good Enough” Solution!

This post was also written by Nick Tyler. On Christmas Day, organisations operating in the UK will have just five months to get their act together and comply fully with the new EU-wide rules on cookies. See earlier Client Alerts:  ‘What Cookies Are In Your Jar?’ – ICO’s guidance on compliance with new EU cookie law … Continue Reading
LexBlog