As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As most in the privacy space are well aware, the laws in many states -and countries- call for certain oversight in these situations. And many require specific content to be included in contracts. What might you want to include in your contract roadmap?Continue Reading DPA 101: Do You Know Where Your Data Is?
Sam Cournoyer*
Sam Cournoyer is a law clerk in the firm's New York office.
Connected Devices: Eyes on EU Data Act
The European Council recently approved a final version of the EU Data Act. The Act applies to manufacturers of connected devices. Among other things, it gives consumers certain rights about the information those devices collect. The Act is viewed as part of an overall data strategy by the EU, and complements both GDPR and the Data Governance Act.Continue Reading Connected Devices: Eyes on EU Data Act
CNIL Fines Canal+ Over Marketing and Data Security Concerns
The French Data Protection Authority announced a €600,000 fine against Groupe Canal+ over concerns with the media company’s direct marketing activities. According to the CNIL, the company sent users email marketing without getting consent, in violation of both GDPR and French privacy law. In particular, the CNIL noted, the company sent marketing emails to individuals who had provided their personal information not to Canal+, but instead to one of its partners. When doing so, they were not told by the partner that the information would be share with -and used by- Canal+ for Canal+’s marketing activities. Canal+ should have ensured that the partners had gotten appropriate consent, according to the CNIL.Continue Reading CNIL Fines Canal+ Over Marketing and Data Security Concerns