EDPB announced a binding decision on the fine handed by CNIL
The European Data Protection Board (EDPB) gave a binding decision under the EU General Data Protection Regulation’s (GDPR) Article 65 dispute resolution mechanism. The decision is linked to a EUR 600,000 penalty given by France’s data protection authority, Commission nationale de l’informatique et des libertes (CNIL). The fine was issued to French hotel chain Accor which allegedly distributed nonconsensual marketing messages to their customers. The action for Article 65 was generated by supervisory authorities concerned with the planned sum for the penalty of CNIL.
CPPA issues a letter disputing the American Data Privacy and Protection Act
A letter opposing the American Data Privacy and Protection Act (ADPPA) was sent by the California Privacy Protection Agency (CPPA) to House Speaker Nancy Pelosi and Minority Leader Kevin McCarthy. The bill advanced out of the House Energy and Commerce Committee and will probably take over California’s privacy law with watered-down protections and weakens the CPPA’s directive to ensure the privacy of Californians.
Tech giants are getting ready for the EU Digital Markets Acts
US-based tech giants are preparing their intentions to comply with or challenge the EU Digital Markets Act (DMA). According to Gerard de Graaf, European Commission Directorate-General for Communications Networks, Content and Technology, “there will be litigation, no doubt.” The Commission’s office in San Francisco will soon have discussions with some Silicon Valley firms that are on the DMA radar.
Amendments to Russian data protection law will start enforcement on Sept. 1
Russia’s data protection authority, the Roskomnadzor, outlines the Federal Law on Personal Data amendments that will start its enforcement on Sept. 1. Included in the amendments are data breach notification and language prohibiting contractual data processing that includes conditions to restrict data subject rights. Future amendments planned by the Roskomnadzor will have harsher penalties and liability schemes around data breaches.