My Content
Insights

New Regulatory Directive on Assignment of Database Ownership in Israel

The Israeli Privacy Protection Authority (PPA) recently issued a new directive detailing the requirements for transferring ownership of databases of personal data. Directive No. 2/2024 emphasizes the transferor’s obligation to notify data subjects when ownership changes.

According to the directive, any change in ownership warrants notification to data subjects regarding the new owner’s identity and contact information, giving them the ...

Israeli Competition Regulator May Block Mergers for Overconcentrated Personal Data

The Israeli Competition Authority recently signaled, in a conference celebrating its 30th anniversary, that the regulatory Merger Directive may soon be updated to weigh the factor of data ownership concentration mergers approval application, even when the merging companies are not in direct competition.

Data ownership concentration was a pivotal concern for the regulator in its decision to deny the merger ...

European Privacy Regulators Opine on Personal Data Processing in AI Model Training

The European Data Protection Board (EDPB) issued a detailed opinion on privacy implications for AI models under the GDPR. The opinion outlines key considerations including the application of the GDPR to AI Models trained on personal data, the applicability of the “legitimate interest” legal basis for training AI models on personal data, and the implications for AI models unlawfully trained ...

FTC Enforcement Emphasizes Monetization of Geolocation Data

The Federal Trade Commission (FTC) has taken action against Mobilewalla, Inc., a data broker, for collecting and selling sensitive location data without obtaining proper consent from consumers. The FTC’s complaint alleges that Mobilewalla gathered data from real-time online ad bidding exchanges and third-party aggregators, often without consumers’ knowledge. This data included precise locations of individuals, such as visits to health ...

New European Law on Cybersecurity of Digital Products

The European Union’s Cyber Resilience Act entered into force in December. The Act aims to establish horizontal cybersecurity requirements for products with digital elements to ensure they are placed on the market with fewer vulnerabilities, and that manufacturers take security seriously throughout a product’s lifecycle. This regulation intends to improve transparency regarding product support periods, enabling users to consider cybersecurity ...

Meta Hit with a €251 Million Fine For Compliance Failures Amid Data Breach

The Irish Data Protection Commission (DPC) hit Meta Platforms Ireland Limited (MPIL) with a fine of €251 million following two inquiries into a 2018 data breach. The breach affected approximately 29 million Facebook accounts globally, with about 3 million of those accounts based in the EU/EEA. The personal data exposed included users’ full names, email addresses, phone numbers, locations, places ...

More of My Content
Insights