Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

CPRA, GDPR, Virginia CDPA, and NY Shield Act: Essential Things You Need to Know

With the rise of streaming TV, online commerce, messaging and contactless purchasing, there is more data out there. With pandemic economy dictating efficiency in spending, and third party cookies being phased out, publishers and brands are looking for the most efficient bang for their advertising buck. This data and how is it used is increasingly regulated both in the EU under GDPR and in the US under CCPA and the upcoming laws CPRA and Virginia CDPA. In this interactive webinar, Odia Kagan will discuss the unique issues around ad tech and personal data collection and will explain what publishers, and adtech providers need to think about when faced with compliance under these laws and what steps should they take now.
The webinar will cover:
• Advertising personalization data is personal data and personal information under CCPA and GDPR.
• Key requirements under CCPA, CPRA, GDPR
• Do not share my personal information?
• How do you disclose your practices transparently?
• Where does TCF factor in?
• Use and sharing is consent-based – but how does that work in real life?

Recorded webinar:

  • Sé el primero en comentar

  • Sé el primero en recomendar esto

CPRA, GDPR, Virginia CDPA, and NY Shield Act: Essential Things You Need to Know

  1. 1. Agenda • California: CCPA/CPRA • Virginia: CDPA • New York: NY Shield • EU/US: GDPR Extraterritorial + Cross Border • US: What does the future hold? • Q & A
  2. 2. Key Issues in CCPA/CPRA
  3. 3. • First comprehensive privacy law • Signed into law on June 28, 2018. • Went into effect January 1, 2020. • Enforceable since July 1, 2020 • Enforcement already started, lawsuits filed CCPA in a Nutshell
  4. 4. • Personal Information – very broad (even inferences). • Detailed privacy disclosure(s) • What’s in a sale? • Yes, cookies too • Financial incentive? Key Issues in CCPA
  5. 5. • Data minimization + Purpose limitation • Retention limitation • Limitation on “sharing” (targeted advertising focus) • Global opt out?? • Profiling and automated decision making • DPIA • Detailed obligations for service provider agreements Key Issues in CPRA
  6. 6. Key Issues in VA CDPA
  7. 7. Key Issues in VA CPDA • Opt-in for sensitive information • Reasonable administrative, technical and physical security • Broad Data Protection Assessment requirements • Process for de-identified information • Detailed obligations for service provider agreements • Obligations for data processors • Children’s compliance - COPPA
  8. 8. Key Issues in NY Shield / NYDFS
  9. 9. • Effective: 10/19 (breach) 3/2020 (infosec) • Holding personal information of NY residents • Broad definition (CC number, biometrics) • Detailed information security req’s • Breach notification Key Issues in NY Shield Act
  10. 10. • 4 phases 2/18 – 3/19 • Comprehensive cybersecurity program (governance, incident response, internal policies, reporting, third party providers). • First enforcement – Summer 2020 Key Issues in NYDFS Cybersecurity Regs
  11. 11. GDPR Extraterritorial
  12. 12. • Soriano - Offering / targeting must be “related to” • EDPB 2021-2023 Action plan – More enforcement on Non-EU controllers • New SCC’s – Do they apply to Art. 3(2) entities? Extraterritorial Application of GDPR
  13. 13. SchremsII and its Aftermath
  14. 14. • Court decision: Privacy Shield is dead; SCC’s need life support. • EDPB Guidelines: o No risk based approach o No US cloud providers? o What about intercompany transfers? • New SCC’s • What to do? SchremsII and Aftermath
  15. 15. What does the future hold?
  16. 16. US: State laws • Washington state – bill making progress • GDPR concepts • (almost) No private right of action • New York • Several bills • Fiduciary obligations • Private right of action + regulations • Texas? • Colorado?
  17. 17. US: Federal • Increased privacy / cybersecurity focus? • More FTC enforcement? • Federal law? • EU US Privacy Shield? /Surveillance laws
  18. 18. THANK YOU ? Odia Kagan