Showing archive for: “GDPR”
GDPR Decision Against Meta Highlights that Privacy Regulators Don’t Understand ‘Necessity’
The €390 million fine that the Irish Data Protection Commission (DPC) levied last week against Meta marks both the latest skirmish in the ongoing regulatory war on the use of data by private firms, as well as a major blow to the ad-driven business model that underlies most online services. More specifically, the DPC was ... GDPR Decision Against Meta Highlights that Privacy Regulators Don’t Understand ‘Necessity’
European Commission Tentatively Finds US Commitments ‘Adequate’: What It Means for Transatlantic Data Flows
Under a draft “adequacy” decision unveiled today by the European Commission, data-privacy and security commitments made by the United States in an October executive order signed by President Joe Biden were found to comport with the EU’s General Data Protection Regulation (GDPR). If adopted, the decision would provide a legal basis for flows of personal ... European Commission Tentatively Finds US Commitments ‘Adequate’: What It Means for Transatlantic Data Flows
Biden’s Data Flows Order: Does It Comport with EU Law?
European Union officials insist that the executive order President Joe Biden signed Oct. 7 to implement a new U.S.-EU data-privacy framework must address European concerns about U.S. agencies’ surveillance practices. Awaited since March, when U.S. and EU officials reached an agreement in principle on a new framework, the order is intended to replace an earlier ... Biden’s Data Flows Order: Does It Comport with EU Law?
How Not to Use Industrial Policy to Promote Europe’s Digital Sovereignty
The concept of European “digital sovereignty” has been promoted in recent years both by high officials of the European Union and by EU national governments. Indeed, France made strengthening sovereignty one of the goals of its recent presidency in the EU Council. The approach taken thus far both by the EU and by national authorities ... How Not to Use Industrial Policy to Promote Europe’s Digital Sovereignty
The Road to Antitrust’s Least Glorious Hour
Things are heating up in the antitrust world. There is considerable pressure to pass the American Innovation and Choice Online Act (AICOA) before the congressional recess in August—a short legislative window before members of Congress shift their focus almost entirely to campaigning for the mid-term elections. While it would not be impossible to advance the ... The Road to Antitrust’s Least Glorious Hour
Commerce Committee Fails to Correct Major Deficiencies in House Privacy Bill
Having earlier passed through subcommittee, the American Data Privacy and Protection Act (ADPPA) has now been cleared for floor consideration by the U.S. House Energy and Commerce Committee. Before the markup, we noted that the ADPPA mimics some of the worst flaws found in the European Union’s General Data Protection Regulation (GDPR), while creating new ... Commerce Committee Fails to Correct Major Deficiencies in House Privacy Bill
Privacy, Crypto, and EU Financial Surveillance
European Union lawmakers appear close to finalizing a number of legislative proposals that aim to reform the EU’s financial-regulation framework in response to the rise of cryptocurrencies. Prominent within the package are new anti-money laundering and “countering the financing of terrorism” rules (AML/CFT), including an extension of the so-called “travel rule.” The travel rule, which ... Privacy, Crypto, and EU Financial Surveillance
ADPPA Mimics GDPR’s Flaws, and Goes Further Still
Just three weeks after a draft version of the legislation was unveiled by congressional negotiators, the American Data Privacy and Protection Act (ADPPA) is heading to its first legislative markup, set for tomorrow morning before the U.S. House Energy and Commerce Committee’s Consumer Protection and Commerce Subcommittee. Though the bill’s legislative future remains uncertain, particularly ... ADPPA Mimics GDPR’s Flaws, and Goes Further Still
DMA Update: It’s Still a Privacy Danger
The European Union’s Digital Markets Act (DMA) has been finalized in principle, although some legislative details are still being negotiated. Alas, our earlier worries about user privacy still have not been addressed adequately. The key rules to examine are the DMA’s interoperability mandates. The most recent DMA text introduced a potentially very risky new kind ... DMA Update: It’s Still a Privacy Danger
The Paradox of Choice Meets the Information Age
Barry Schwartz’s seminal work “The Paradox of Choice” has received substantial attention since its publication nearly 20 years ago. In it, Schwartz argued that, faced with an ever-increasing plethora of products to choose from, consumers often feel overwhelmed and seek to limit the number of choices they must make. In today’s online digital economy, a ... The Paradox of Choice Meets the Information Age
Attention Markets: They Know Them When they See Them
A raft of progressive scholars in recent years have argued that antitrust law remains blind to the emergence of so-called “attention markets,” in which firms compete by converting user attention into advertising revenue. This blindness, the scholars argue, has caused antitrust enforcers to clear harmful mergers in these industries. It certainly appears the argument is ... Attention Markets: They Know Them When they See Them
Privacy and Security Risks of Interoperability and Sideloading Mandates
There has been a wave of legislative proposals on both sides of the Atlantic that purport to improve consumer choice and the competitiveness of digital markets. In a new working paper published by the Stanford-Vienna Transatlantic Technology Law Forum, I analyzed five such bills: the EU Digital Services Act, the EU Digital Markets Act, and ... Privacy and Security Risks of Interoperability and Sideloading Mandates