The Governor of Virginia signed the state’s Consumer Data Protection Act (VCDPA) into law, marking it the second state in the U.S. to codify a major privacy and data protection law, after California. The VCDPA follows some of the arrangements of the California Consumer Privacy Act (CCPA) as amended by the Consumer Privacy Rights Act (CPRA), but still departs from ...
The Israeli government will be required to develop civilian contact-tracing technology, taking into account privacy-driven design from the outset, much like dozens of other countries around the world have done. The applications will be available for use on a voluntary basis, free of charge, and will be based on encrypted and anonymous data. These matters are proposed in a bill [Hebrew] ...
The Supreme Court of Israel struck down major components in the Israeli government’s nearly one-year-long use of the Israeli Security Agency (colloquially called “Shabak”) in cellular-network-based monitoring of the whereabouts of individuals for epidemiological investigations to prevent the spread of COVID-19. The Supreme Court ordered the government to cease its current widespread use of cellular-network-based monitoring by March 14, 2021. ...
In Israel, like other jurisdictions, the privacy and data protection regime continues to apply during the Coronavirus pandemic crisis. It is generally flexible enough to allow private and state actors to undertake various anti-pandemic measures.
At the governmental level in Israel, the Israeli prime minister has taken the extraordinary measure of enlisting Israel’s national security agency (known as the General ...
The UK privacy regulator – the Information Commissioner’s Office (ICO) – has published the final version of its Age Appropriate Design Code of Practice for designers, developers, and operators of digital services aimed to be used by children.
The ICO requires that services provide greater protection of children’s personal data by default, stating, for instance, that location and profiling features ...
In early February 2021, the European Data Protection Board (EDPB) issued a paper clarifying some of the GDPR’s implications on processing personal data for health-related research, in response to the European Commission’s questions on this topic.
The EDPB’s document is a preliminary one. It offers a partial, rather than a comprehensive, overview of the topic. The EDPB indicates that ...
Data breach incidents, including ransom demand incidents, are growing increasingly common. They emphasize the importance of data protection measures and compliance with the Protection of Privacy law and the Information Security Regulations. Organizations need to consider whether to discard some of the information in order to reduce the risk in advance. These were the statements of the acting head of ...
The French data protection authority (the “CNIL”) published for public comments its draft of practical recommendations on how organizations should obtain the consent of data subjects for processing their information through cookies.
The draft contains practical examples for websites and apps owners and operators on the proper procedures for obtaining data subject consent to cookies. These include presenting the information ...
New user? Click here to register