Late last Friday afternoon, California Attorney General Xavier Becerra released updated regulations to the California Consumer Privacy Act (CCPA). The updates contain a number of material modifications to the initial CCPA regulations that AG Becerra’s office released in October 2019. Alston & Bird has compiled a privacy briefing summarizing the 30 key modifications to […]
Alston & Bird Details 21 Potentially Significant Impacts from Draft CCPA Regulations
Late last week, the Californa Attorney General published much-anticipated proposed Regulations under the California Consumer Privacy Act (“CCPA”). The Regulations are extensive and contain a number of potentially material business impacts. To help companies work through the Regulations, Alston & Bird’s Privacy & Data Security team published a client advisory outlining “21 Potentially Significant […]
FashionID: Another Significant ECJ Case with Potential Impacts Across the Adtech Ecosystem
On July 29, 2019, the European Court of Justice (“ECJ”) issued its decision in the case of FashionID GmbH & Co. KG v. Verbraucherzentrale NRW. The ECJ found that websites that integrate Facebook plugins are jointly responsible for the data collected by those plugins and sent to Facebook. Despite the somewhat innocuous-sounding holding, this decision […]
CCPA Carve-Out for Online Advertising? Proposed Amendment Exempts Certain Advertising Data from Do-Not-Sell Restrictions
California passed the California Consumer Privacy Act (CCPA) in September 2018, and the CCPA enters into force on January 1, 2020. One of the CCPA’s core elements is a right for consumers to know when a company is selling their data, and to opt-out of data sales at any time. This was the primary focus […]
Google-Style GDPR Fines for Everyone? Bavarian DPA Conducts Website Cookie Practices Sweep, Announces Fines under Consideration
As has been widely reported, in late January the French privacy supervisor CNIL fined Google €50 million for privacy violations relating to targeted marketing using Android user data. One of the core violations the CNIL found was that Google’s Android user interface did not obtain effective, GDPR-compliant consent to targeted marketing from users. The amount […]