The aftermath of Cambridge Analytica’s scandal and other problems for Facebook in Europe

The scandal of Cambridge Analytica caused several consequences for Facebook in Europe. In the United Kingdom, the Information Commissioner (ICO) is investigating the use of personal data and analytics by political campaigns, parties, social media companies and other commercial actors by 30 organizations, including Facebook. See here. The Working Party 29(WP29) created a Social Media Working Group to develop a […]


Arizona adds blockchain technology to corporations law

Arizona signed House Bill 2603 to add a definition in Section 10-140, Definition – Arizona Revised Statutes (Section 10, Corporations and Associations) In particular, now 10-140(53) reads: 53.  “WRITING” OR “WRITTEN” INCLUDES BLOCKCHAIN TECHNOLOGY AS DEFINED IN SECTION 44‑7061. See The definition of “blockchain technology” is contained in Section 44-7061: “distributed ledger technology that uses a distributed, […]


EU Council’s Corrigendum to GDPR

Less than one month to the entering into force of the GDPR, the text (in all language versions) is still subject to changes, sometimes significantly. For more information and for advice on GDPR implementation, Francesca Giannoni-Crystal.    

DPAs’ guidance on exercising data subjects’ rights under GDPR vis-a-vis social media

Several DPAs have issued guidance on how individuals can exercise their rights as data subjects vis-a-vis social media platforms. See for example: – ICO – United Kingdom:… – Data Protection Commissioner – Ireland:… – Croatian Data Protection Agency: request for the protection of rights request for removing personal data from social networks reporting […]

Tags: ,

Italian DPA fines political party for privacy policy violation

In March 2018, the Garante per la Protezione dei Dati Personali, Italy’s Data Protection Authority, issued a fine of Euros 32,000 against the Rousseau association, controller of the processing of data of the website users of the Italian political party “5-Star” (Cinque Stelle). Federprivacy reports. After a data breach, the Italian DPA started investigating whether […]


Cybersecurity Tech Accord signed by 34 global technology and security companies

On April 17, 2018, 34 global technology and security companies signed a Cybersecurity Tech Accord, agreeing to defend all customers everywhere from malicious attacks by cybercriminal enterprises and nation-states. The 34 companies include ABB, Arm, Cisco, Facebook, HP, HPE, Microsoft, Nokia, Oracle, and Trend Micro, and together represent tech companies that power the world’s internet […]

Tags: ,

FTC publishes 2017 Privacy & Data Security report

The Federal Trade Commission (FTC) issued its 2017 Privacy & Data Security Update. The annual report summarizes the year’s privacy and data security enforcement actions, advocacy, workshops and guidance. Among the FTC’s 2017 privacy and security actions announced, is the first actions enforcing the EU-U.S. Privacy Shield framework.   The 2017 Privacy & Data Security update […]


Italian Council of Ministers’ preliminary approval of GDPR’s “harmonization” decree

The Italian Council of Ministers preliminarily approved a legislative decree (in furtherance of Parliament’s delegation Law October 25 2017, no. 163), containing provisions to amend domestic law in compliance with the GDPR. In fact, effective May 25, 2018, Legislative Decree June 30, 2003 no. 196 will be abrogated and the GDPR will be immediately into […]

Tags: ,

Records of processing activities of Article 30 GDPR – some model forms

Article 30 GDPR requires each controller and each processor to maintain a record of processing activities under its responsibility which must be in writing (including electronic form). Article 30 details the minimum content of the record. Some DPA made available model forms and notes for keeping records of processing activities: the BayLDA, the Bavarian DPA […]

Tags: ,

1 2 3 63