Categories
Life with GDPR

Update on Cookie Banners

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we discuss the NOYB announcement that it had filed an additional 226 complaints to Data Protection Authorities in 18 countries over the use of OneTrust cookie banners. Some of the highlights include:

  1. Previous enforcement actions on cookie banners.
  2. The NOYB campaign.
  3. What happens next?
  4. Practical steps you can take now.

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

GDPR Draft Guidance on Fines Calculation

Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we review the draft guidance on calculating fines recently issued by the European Data Protection Board (EDPB), entitled “Guidelines 04/2022 on the calculation of administrative fines under the GDPR”. Some of the highlights include:

1.     There have been just under €1.5 billion in overall fines under GDPR.

2.     Spain has the largest number of fines but the smallest monetary amount of fines.

3.     The five-step calculation methodology.

4.     What are the aggravating and mitigating factors?

5.     Key takeaways from the draft guidance.

Resources

For more information on the draft guidance, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

Clearview AI Fine by the ICO


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take up a fine in the UK by the ICO against Clearview AI. We have discussed other EU countries’ fines against Clearview previously. Some of the highlights include:

  1. What is this case all about?
  2. What did the ICO decide?
  3. Why is AI under the spotlight again?
  4. Other actions and penalties against Clearview?
  5. Key takeaways.

Resources
For more information on the Clearview AI fine by the ICO, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

André Paris on the Brazilian GDPR


Tom Fox returns for another episode of Life with GDPR. This week, Jonathan Armstrong is on assignment, so we are joined by our colleague André Paris, a Brazilian Privacy and Compliance Consultant, Professor, and Lawyer. André is the author of the book “Ethics and Transparency – A Path to Compliance.” He is a specialist in building a Corporate Culture based on Ethics, Transparency, and Respect, with experience in Corporate Risk Analysis and Management and Protecting Corporate Reputation and Crisis Management. He is also an enthusiast of building a more ethical and transparent business environment.
In this episode, we take up the Brazilian national GDPR-like data privacy law. Some of the issues we consider include:
1.     What is Brazilian law?
2.     Who does it apply to?
3.     What does a compliance program look like?

Resources

Check out André’s book, ETHICS & TRANSPARENCY: A Path To Compliance.

André Paris on LinkedIn

Categories
Life with GDPR

Data Transfers from EU/UK to US


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we take up the proposed agreement for data transfers from the EU (and UK) to the US. Some of the issues we consider in the myriad of questions around this latest version of Privacy Shield include:
1.     Is this simply an agreement to agree?
2.     Who will populate the independent court review in the US?
3.     Will US spy agencies ever comply?
4.     Will there be a real deal by the end of 2022?
5.     Is this simply a temporary solution?
Resources
For more information on the new data transfer agreement, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

Clearview AI Redux


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the Italian Data Protection Authority (the Garante) €20m fine against Clearview AI for GDPR violations. It is the latest in a series of regulatory actions in Europe and in Australia against Clearview AI, and it also continues a trend of AI enforcement in Italy.
1.     Who is Clearview AI?
2.     What is this matter about?
3.     The background facts and the Italian investigation.
4.     What did the Garante say?
5.     Lessons learned and next steps.
Resources
For more information on the Italian Clearview AI enforcement action, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Compliance Week Conference Podcast

Tom Fox on Why You Should Attend Compliance Week 2022

In this episode of the Compliance Week 2022 Preview Podcasts series, I discuss some of my presentation at Compliance Week 2022 “EU Whistleblower Protections and Responses”. Some of the issues we tackle in this podcast are:

  • Understand how to comply with both the EU Whistleblower Directive and GDPR requirements around call recordings, interview notes, records, and whistleblower rights to privacy
  • Learn how to run a Data Privacy Impact Assessment (DPIA)
  • Discover where requirements between the EU Whistleblower Directive and data privacy regulations conflict with each other

In this first full compliance conference in over 2 years, I hope you can join me at Compliance Week 2022. This year’s event will be May 16-18 at the JW Marriott in Washington DC. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 17th year, compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. and many others to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Hear from 75+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from the two SEC Commissioners and gain insights into the agency’s areas of enforcement and walk away with guidance on how to remain compliant within emerging areas such as ESG disclosure, third-party risk management, cybersecurity, cryptocurrency and more.
  • Bring actionable takeaways back to your program from various session types including ESG, Human Trafficking, Board obligations and many others for you to listen, learn and share.
  • The goal of Compliance Week is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount off the registration price. Enter discount code TFLAW for $200 off.

Compliance Week 2022 podcast series is a production of Compliance Week, which is the sponsor of this podcast series.

Categories
Life with GDPR

Tuckers Enforcement Action


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the recent announcement by the UK Data Protection Authority, the Information Commissioner’s Office (ICO), that it had fined a law firm, Tuckers Solicitors LLP, for GDPR breaches. Tuckers was fined £98,000 after being hit by a ransomware attack.

  1. Law firms are not unique.
  2. What about other legal regulations and regulatory bodies?
  3. The background facts.
  4. What did the ICO say?
  5. Lessons learned.

Resources
For more information on the Tuckers enforcement action, check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

Privacy Shield 3


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we consider the recently announced EU/US resolution to allow data transfer from the EU to the United States through the mechanism of Privacy Shield 3. Some of the issues we consider include:

  1. Is it Déjà vu all over again?
  2. What about consent and standard contractual clauses as a basis for data transfer?
  3. What was the court’s ruling?
  4. Why will double due diligence be required going forward?
  5. What about the UK?
  6. What does Max Schrems have to say?

Resources
Check out the Cordery Compliance client alert on this topic; click here and here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Everything Compliance

Episode 96, the Spring Arrives Edition


Welcome to the only roundtable podcast in compliance. The entire gang was also recently honored by W3 as a top talk show in podcasting. In this episode, we have the quartet of Jay Rosen, Jonathan Armstrong, Tom Fox and Matt Kelly. We conclude with our fan favorite Shout Outs and Rants.

1. Jay Rosen discusses the connection between corruption and the Russian invasion of Ukraine and the leadership differences between Presidents Putin and Zelensky. Rosen rants about Mavericks owner Mark Cuban over the allegations of former GM Donnie Nelson that Nelson was fired for reporting a sexual assault of a Maverick employee.

2. Matt Kelly looks at cybersecurity and the state of proposed new rules from the SEC governing the conduct of public companies which sustain a cyber breach. Kelly rants about West Virginia Senator Joe Manchin, who opposes electric cars because customers would have to wait too long at charging stations for batteries to be replaced (electric car batteries are recharged, not replaced).

3. Jonathan Armstrong looks at the increase in cyber-attacks and ransomware demands and a GDPR enforcement action involving Tuckers. Armstrong shouts out to TV show editor Marina Ovsyannikova who, on live TV in Moscow, stood up to President Putin by holding a sign which said, in Russian: “Don’t believe the propaganda. They’re lying to you here.” In English it said: “No war … Russians against war.”

4. Tom Fox discusses the recent District Court decision in the Coburn case and what it means for all involved; the DOJ, companies under FCPA investigation and counsel who perform internal investigations. Fox rants about Texas AG Ken Paxton who once again disobeyed a District Court injunction forbidding the state of Texas from investigating the parents of transgender teens for child abuse. 

The members of Everything Compliance are:
• Jay Rosen – Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
• Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
• Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
• Jonathan Armstrong – Our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com
• Jonathan Marks – Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com
The host, producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.