In what is the second-largest GDPR fine to date, Ireland’s Data Protection Commission announced today that they have fined Facebook subsidiary WhatsApp €225million, or the equivalent of $267,198,750.00 USD, for several gross violations of GDPR (the General Data Protection Regulation in effect in the EU, as well as the UK since the UK’s ICO adopted it’s own “UK GDPR” following Brexit).

If you are in the UK do you still have to comply with GDPR following Brexit? As a matter of fact you do, and here’s why.

Privacy has become a delicate and controversial affair in the digital age because it seeks to strike a balance between the right to information and the ability to control personal data. This is evident in the back and forth over the recent drive for the Global Privacy Control initiative, which…

An international court has held that the operators of websites that display a Facebook ‘Like’ button can be data controllers under GDPR, because they are passing data on to Facebook.

There is a groundswell of GDPR-like privacy legislation being introduced in several states, with laws to protect the privacy of online personal information and data being introduced in Washington, Massachusetts, Maryland, New York, Rhode Island and Hawaii.

Hot on the heels of California passing their California Consumer Protection Act (CCPA) which is actually a consumer data protection law, and on the slightly more distant heels of the passage and enactment of the General Data Protection Regulation (GDPR), Colorado has both passed and enacted the Colorado Consumer Data Protection Act (CCDPA).

Two weeks ago California passed AB 375, now Title 1.81.5 of the California Code, and known as the California Consumer Privacy Act of 2018 (AB stands for Assembly Bill, meaning it was first introduced in the Assembly; SB would mean it had been introduced in the Senate). Also now known as the CCPA, the original sponsors of AB375 were California Assemblyman Edwin Chau, and California Senators Bob Hertzberg and Bill Dodd, Democrats all. The CCP is the California equivalent of GDPR.

GDPR offers a panoply of rights for individuals. Even if you are not a business owner or a corporate officer or manager, by now you have probably heard the term ‘GDPR’, or the phrase ‘General Data Protection Regulation’, which is what ‘GDPR’ stands for. As an individual you may have thought “Whatever the heck GDPR is, it doesn’t affect or apply to me.” But you would be wrong. The good news is that, as an individual, you are the protected entity covered by the ‘Protection’ in General Data Protection Regulation!

I was recently interviewed, in my capacity as an Internet law and policy attorney, and head of the Institute for Social Internet Public Policy, for an article sponsored by RSA about the impact that GDPR (the EU’s General Data Protection Rules), which goes into effect in the European Union in May 2018, is going to impact, well, everything. And, in particular, about how it will impact U.S. based businesses, because, trust me, it will.