The European Data Protection Board (EDPB) has issued new guidelines about the intersection between online services and processing based on the necessity of performance of a contract.
NY Privacy Act proposed Jan 6 establishes consumer rights; adopts #GDPR concepts of consent, processing & controller/processing distinction; outlines detailed risk definition. Violations could result in injunction, liability for damages & civil penalties. https://legislation.nysenate.gov/pdf/bills/2021/A680
French data protection authority (@CNIL) imposed fines on PERFOMECLIC for failure to demonstrate it obtained valid consent before sending prospecting emails in violation of the French Postal & Electronic Comms Code (CPCE) & #GDPR (Fr) Deliberation here: https://bit.ly/2JOZQww
The flow of EU data to UK has been extended post-Brexit for six months. Read the full statement from @ICOnews here: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/12/ico-statement-in-response-to-uk-governments-announcement-on-the-extended-period-for-personal-data-flows-that-will-allow-time-to-complete-the-adequacy-process/