In an unusual but significant move, on August 4, 2021, the Federal Trade Commission (FTC) removed Aristotle International from the Children’s Online Privacy Protection Act (COPPA) Safe Harbor List. There were 7 organizations on the list, which were approved by the FTC to self-regulate themselves under COPPA, but with this first removal by the FTC,

Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States. This referral stems from a new claim by Max Schrems, an Austrian lawyer and privacy activist. Schrems previously

The Federal Trade Commission (FTC) approved TRUSTe’s proposed modifications to their Children’s Online Privacy Protection Act (COPPA) safe harbor program this week.

COPPA requires, among other things, that commercial website and mobile app operators that knowingly collect personal information from children under age 13 post comprehensive privacy policies on their websites and in their mobile apps, notify parents and guardians of the website’s or mobile app’s information practices, and obtain parental consent before collecting, using or disclosing any personal information from children under age 13. However, COPPA includes a ‘safe harbor’ provision whereby industry groups may seek approval from the FTC to create self-regulatory guidelines that implement “the same or great protections for children” as those in COPPA. Website and mobile app operators that participate in FTC-approved safe harbor programs are subject to the review and disciplinary procedures provided in the safe harbor guidelines in lieu of an FTC’s formal investigation or enforcement.
Continue Reading FTC Approves Modifications to TRUSTe’s COPPA Safe Harbor Program

The EU-US Privacy Shield, designed to protect EU citizens’ personal data when it is transferred to US organisations, has now been in place for a couple of months. How is it shaping up?

How we arrived at the Privacy Shield…

Under current EU data protection laws, as well as under the forthcoming General Data

This article co-authored with guest blogger Peter Wainman, a partner with Mills & Reeve LLP

Transfers of personal data from most European countries to the U.S. have been exposed to legal attack since October 2015, when privacy campaigner Max Schrems successfully sued the Irish authorities over data transfers made by Facebook Ireland.  The main objection

As we previously reported, this February, United States (U.S.) and European Union (EU) negotiators announced the “U.S.-EU Privacy Shield” as a replacement to the U.S. Safe Harbor. Many U.S. companies relied on the Safe Harbor to transfer data from the EU to the US. The Privacy Shield negotiations were accelerated in response to the