GDPR

Subscribe to GDPR

Ireland’s Data Privacy Commissioner will reportedly fine Instagram for its handling of children’s data. According to an investigation that began in 2020, Instagram published emails and phone numbers for children ages 13 to 17 who operated business accounts. Business accounts typically post this information by default. Meta, Instagram’s parent, plans to appeal the €405 million

Recent reports from several European Data Protection Authorities (DPAs), the bodies empowered to regulate consumer privacy under the General Data Protection Regulation (GDPR), have ruled that Google Analytics violates the law. DPAs in Austria, France, and Italy have found that the tool, which allows website owners to track and analyze traffic to their sites, impermissibly

The European Union’s General Data Protection Regulation (GDPR) first launched the concept of data minimization, which states that a data controller should limit the collection of personal information to what is directly relevant and necessary to accomplish a specified purpose. This seems like a simple concept: an entity should only collect personal information that is

When GDPR became effective three years ago, companies took notice of the fines and penalties attached to violations of the stringent privacy law—4 percent of global annual sales. The fines have been racking up, including the most recent one by the Irish Data Protection Commission against WhatsApp—$266 million. WhatsApp is owned by Facebook.

The fine

The Irish Data Protection Commission (DPC) fined Twitter 450,000 euros (about US$546,000) for failing to timely notify the Irish DPC within the required 72 hours of discovering a Q4 2018 breach involving a bug in its Android app, and also for failing to adequately document that breach.  The bug caused some 88,726 European Twitter users’

Proposition 24 is known as the California Privacy Rights Act of 2020 (CPRA). It is on the ballot in California on November 3, and if it passes it will amend and expand certain provisions of the California Consumer Privacy Act (CCPA). Some say it’s CCPA 2.0, however, there are some provisions that make the CPRA

Washington legislators recently introduced the Washington Privacy Act (WPA). This legislation is a consumer-focused privacy law similar to the California Consumer Privacy Act (CCPA) but it also has some European Union General Data Protection Regulation (GDPR)-like concepts. The WPA protects personal data in much the same way as the CCPA, but with some significant differences.

I don’t know much about dating apps. I met my husband decades ago, long before the Internet, and the old-fashioned way—in college. But I know people who have used them, have been happy with them, have found their life partner through them, have funny stories about using them and the people they met through them.

U.S. Senator Ron Wyden, D-Oregon, recently introduced comprehensive privacy legislation, known as the “Mind Your Own Business Act” (MYOB Act), to provide protections for the private data of Americans and to hold corporate executives accountable if they abuse such information. While this isn’t the first such legislation introduced in Congress and is unlikely