Categories
Daily Compliance News

Daily Compliance News: July 12, 2023 – The US-EU Data Sharing Agreement Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • EU-US agree on data sharing pact. (NYT)
  • EU privacy advocates slam pact.  (BBC)
  • Max Schrems slams back, vows legal challenge.  (YaHooNews)
  • Challenges to data sharing pact likely.  (Reuters)
Categories
Life with GDPR

Life With GDPR: Data Transfer Update

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. Join them in this episode as they delve into the hot-button issue of data transfers from the EU to the US. With potential new rulings looming, the replacement for privacy shield is said to be doomed to fail. The European data protection board is investigating complaints against Google and Facebook that could affect up to 95% of US corporations using Google Analytics! How can your organization comply with GDPR regulations while avoiding the nearly €3 billion in fines levied since 2018, including practical tips such as conducting compliance checks and due diligence? Don’t miss the explosive potential of this episode and what it could mean for businesses around the world.

Key Takeaways:

·      Data transfers from the EU to the US and privacy concerns

·      Data Transfer Regulations & Compliance

·      Data Protection Compliance for Business Websites

·      Impending Large GDPR Fine

Notable Quotes:

“It is not going to get any easier anytime soon, unfortunately.”

“This case is likely to affect, I think, 95% of corporate America.”

“Regulators definitely have an appetite to investigate this.”

“I expect that the find that I’m hearing rumors of will tip us over the €300MM level.”

 Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Connect with Tom Fox

●      LinkedIn

Connect with Jonathan Armstrong

●      Twitter

●      LinkedIn

Categories
Life with GDPR

Cookies, Cookies & More Cookies

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. Data protection has become a priority for many authorities with the French regulator, CNIL,  recently issuing fines and penalties to Microsoft for not complying with the data protection laws. Changes were made to their practices in March 2022, and similar action was taken against Google and Amazon.

In this episode, we discuss the regulatory landscape for cookies which has become difficult for businesses to maneuver, requiring board-level oversight of data privacy, data protection, and data security. Together, these measures are deemed necessary in order to mitigate the biggest risks to organizations. Max Schrems and his pressure group were two of the key adjutants and had filed a substantial number of complaints. This eventually led to a large fine at the end of 2022, announced this month, from CNIL, the French Data Protection Regulator, against Microsoft, for €60 million. This fine highlighted the fact that cookies had been on the agenda for many Data Protection Authorities and the severity of the consequences for not following GDPR requirements. The implications of this case will have a lasting effect on the relations between European Data Protection Authorities and corporations, as well as the resources necessary to stay compliant.

Highlights include:

·      [00:04:16] Microsoft’s Changes to Cookie Practices

·      [00:09:21] Navigating Regulatory Landscapes for Businesses

·      [00:14:21] The Importance of Data Privacy Board Oversight

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Connect with Tom Fox

●      LinkedIn

Connect with Jonathan Armstrong

●      Twitter

●      LinkedIn

Categories
Life with GDPR

Meta Fined In Ireland

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recently released find by the Ireland Data Protection Commission against Meta for two legacy companies, €210m for its Facebook operation and €180m for Instagram for GDPR breaches.  The DPC also ordered Meta to change its data protection practices within three months.  Those changes may have a more lasting effect on Meta than the fines.  The two fines come in fifth and sixth places, respectively, in the largest GDPR fines of all time.

Some of the highlights  include:

  1. What were the facts?
  2. Why this matter has far wider implications than simply Big Tech.
  3. Max Schrems says this is a huge blow for Meta.
  4. The convoluted appeal process is going forward.
  5. Lessons learned.

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Life with GDPR

Emergency Podcast on Schrems III


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we do our first emergency podcast based upon the European Court of Justice’s decision handed down July 16 on the Schrems III case, where the Court invalidated Privacy Shield. Some of the highlights are:

  1. What were the issues involved in this case?
  2. What did the Court find wanting in Privacy Shield?
  3. What are the differences in the European and American approach that led to this result?
  4. What was the ruling around standard contract clauses for data transfer?
  5. What are the implications going forward?

Check out the Cordery Compliance, client alert on this case, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.