My Content
Insights

Italian Food Delivery Company Fined for Automated Decision-Making

The Italian privacy regulator has hit Foodinho, an Italian food delivery company, with a €2.6 million fine for infringing the GDPR by using an automated algorithm to rate its delivery personnel and increase or decrease food orders assigned to them. Foodinho’s algorithm used a variety of data to assess the performance of its delivery personnel. This included chats, emails and ...

European Privacy Regulators Issue Final Recommendations on Cross-Border Data Transfers

The European Data Protection Board (EDPB) has published its final recommendations for the necessary safeguards for transfers of personal data to destinations outside the European Economic Area (EEA), following the Schrems II decision in which the Court of Justice of the European Union (CJEU) held that personal data transferred from the EEA to a destination outside the EEA must be ...

China Enacts New Data Security Law

After two rounds of public comments, the Data Security Law (DSL) of the People’s Republic of China was formally issued on June 10, 2021. The DSL, effective September 1, 2021, establishes a series of principles and policies designed to ensure the protected and effective use of data. It governs both data activities conducted in China, and data activities conducted outside ...

U.S. Supreme Court Says Schools May Not Limit Students’ Freedom of Speech Off-Campus

The U.S. Supreme Court has held that a Pennsylvania high school violated the First Amendment of the Constitution in suspending a 14-year-old student after she posted two messages on Snapchat containing vulgar language directed at the school and school officials. The student posted the messages when she was off school grounds.

The Supreme Court considered whether a 1969 ruling, holding ...

EU Commission Recognizes the UK as Adequate

The EU Commission formally recognized the United Kingdom as an adequate jurisdiction for cross-border transfers of data governed by the GDPR. The UK now joins about a dozen other countries already recognized under an EU Commission adequacy decision, including Israel, Canada, New Zealand, Japan, and Switzerland.

The adequacy recognition allows for a more seamless flow of personal data from the ...

European High Court Says Online Platforms Are Not Liable for Copyright Infringement by Users if They Take Appropriate Measures

The Court of Justice of the European Union (CJEU) has held that operators of online platforms to which users post copyright-protected content are not liable for copyright infringement in such user-posted content if they meet certain conditions. First, they must not contribute to giving access to such content to the public in breach of copyright, beyond merely making those platforms ...

Insights