Search results

In early September 2021, the European Telecommunications Standards Institute (ETSI) published its European Standard to lay down baseline cybersecurity requirements for Internet of Things (IoT) consumer products (ETSI EN 303 645 V2.1.1). The Standard is a recommendation to manufacturers to develop IoT devices securely from the outset. It also provides an internationally recognized benchmark – […]

[…] risks’ (which trigger a set of stringent obligations, including conducting a CA), ‘limited risks’ (with associated transparency obligations), to ‘minimal risks’ (where stakeholders are encouraged to build codes of conduct). The draft AIA is being introduced in an already existing system of laws that regulate products and services intended to be placed on the […]

[…] secrecy claims are not able to prevent individuals from effectively exercising their privacy rights. Panelists discussed issues such as the necessity of disclosing application or software source code when providing “explainability” of decision-making to data subjects, and debated the level of detail necessary in disclosures required under transparency obligations. Ms. Demetzou focused on how […]

[…] the fundamental level, Vietnam’s Constitution provides for an inviolable right to privacy and legal protection of information regarding personal privacy and personal and familial secrecy.  The Civil Code gives expression to these rights in a limited manner by, among others, requiring an individual’s consent for collection, use, retention, or publication of information about that […]

[…] the disclosure of personal data held by certain regulated entities (e.g., providers of financial services, medical practitioners), the PDP Commissioner has approved and registered seven Personal Data Codes of Practice, which provide more detailed requirements for entities in certain sectors to comply with the PDPA. These sectors include: insurance and takaful;  banking and finance;  […]

[…] complexity of the issue. Key comments included focusing on increased consumer demand and expectations of privacy, concerns about data localization, and insights on positive developments in technology coexisting with opportunities to improve regulation. Audience questions further sparked discussion on the complexity of regulating smaller entities within the space, and the importance of cost-benefit analysis […]

[…] Legislation Amendment (Enhancing Online Privacy and Other Measures) Bill 2021” (Online Privacy Bill) which, if passed, would complement the Privacy Act by introducing a binding online privacy code with which social media and other online platforms would have to comply, or face legal penalties. The status of the Online Privacy Bill is currently uncertain […]

[…] graduate of USC Gould School of Law and a Student Contractor with FPF’s Youth and Education Privacy team. On May 26, 2022, AB-2273, the California Age-Appropriate Design Code Act (ADCA) unanimously passed the California Assembly and moved to the Senate for consideration. California Assembly Members Buffy Wicks (D-Oakland) and Jordan Cunningham (R-Templeton) proposed AB-2273, […]

[…] the Act. The Act also empowers the Commissioner to, firstly, investigate complaints regarding entities’ privacy practices, resolve disputes, and issue binding compliance notices, and secondly, issue binding codes of practice in relation to specific sectors or classes of personal information.  In 2012, New Zealand also became one of the few jurisdictions in APAC that […]

[…] No. 16 C 10984 (N.D. Ill. Sep. 15, 2017); In re Facebook Biometric Info. Privacy Litig., 185 F. Supp. 3d 1155 (N.D. Cal. 2016). Washington Wash. Rev. Code Ann. §19.375.020 “Biometric identifier” means data generated by automatic measurements of an individual’s biological characteristics, such as a fingerprint, voiceprint, eye retinas, irises, or other unique […]