Website Cookie Compliance and US Data Transfers
Philipa Jane Farley of ProPrivacy – Compliance Solutions and L2 Cyber Security‘s own Liam Lynch, will talk about the implications of the following two significant items with a particular focus on the Sole Trader and Small/Micro Business Owners – Website Cookie Compliance and US Data Transfers
- If you have had your website recently created or updated
- You use some cloud services for email, online storage, distributing newsletters, etc.
Then this webinar is for you!
There is no registration for this event. Simply use the Calendar feature on this page to add the event to your calendar and join us anonymously via Microsoft Teams on the morning. There is a link below for this.
Website Cookie Compliance:
They found that a lot of the websites they reviewed were not handling cookies correctly. Virtually all of them set a cookie as soon as a person visited the site, which is being done without proper consent.
So the DPC has issued detailed guidance (included in the above link) for website owners to adhere to. They have given a grace period of 6 months for websites to be appropriately updated before they commence enforcement actions. This will start in October 2020.
US Data Transfers:
In July 2020, the Court of Justice of the European Union (CJEU) recently ruled on a case taken by Austrian privacy activist Max Schrems. This concerned the transfer of EU Residents personal data to the US and whether that personal data receives the same level of protection as it would do if processed in the EU/EEA.
The CJEU ruled that the Privacy Shield agreement between the US and EU did not have sufficient protections in place. This was because US Federal Law allowed for US state agencies to access EU resident’s personal data without any legal recourse. So Privacy Shield was struck down by the CJEU and it cannot be used by any company as a means to transfer data to the US.
There have been other methods suggested, such as Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCR). These may be problematic too.