On 16 May 2022, the Council passed the Data Governance Act. The Data Governance Act (DGA) aims to improve data sharing trust, establish new EU laws on data marketplace neutrality, and make it easier to reuse some public-sector data. In important fie…
On 16 May 2022, the French personal data protection authority /Commission nationale de l'informatique et des libertés (CNIL)), published guidelines on the legality of "cookie walls". Cookie walls refer to making access to a website's content conditi…
On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued its Guidance on Recommended Model Contractual Clauses for Cross-border Transfer of Personal Data. The Guidance contains two sets of Recommended Model Contractual Clau…
On 10 May 2022, the Bill for "An Act concerning personal data privacy and online monitoring" was signed by the Governor of Connecticut and will become effective on 1 July 2023. The comprehensive data protection bill will apply to persons that conduc…
On 9 May 2022, the Securities and Exchange Commission (SEC) has closed the consultation on its proposed rules on enhancing and standardising cybersecurity risk management. The proposed rules would apply to companies subject to SEC reporting requirem…
On 5 May 2022, Senate Bill S2628 is put into force. The Bill obliges employers to inform all employees about the way they are electronically monitored. This notification must be done before they are hired and after that once every year. The Bill con…
On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary …
On 4 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a set of Joint Opinions on the EU Commission's Proposal for a Data Act. The EDPB and EDPS find that additional measures are necessary …
On 2 May 2022, the Austrian Data Protection Authority issued a ruling refuting IP anonymisation as safeguard for data transfers from the EU to the United States. The authority rejected arguments by Google that websites using its tools, such as Googl…
On 2 May 2022, the European Data Protection Board closed the consultation on its previously published "Guidelines 3/2022 on dark patterns in social media platform interfaces: how to recognize and avoid them". Specifically, "dark patterns" are user i…