logo-small.png
- BLOG -

Headquarters

501 Boylston Street, 10th Floor

Boston, MA 02116

(617)-737-5000

info@outsidegc.com

ON-DEMAND INSIGHTS

Google Analytics, Cookies and GDPR

Google Analytics, Cookies and GDPR

January 10, 2023 at 10:00 AM - GDPR,

Most U.S. companies by now have modified their business practices to comply with the General Data Protection Regulation (GDPR). However, when it comes to the use of analytics technologies such as Google Analytics, the compliance requirements are less clear given the added applicability of the EU “Cookies Directive” (formally, the EU Directive 2002/58/EC) which regulates the use of cookies alongside GDPR-imposed consent requirements. Although implementation of the Cookies Directive varies from country to country in the EU, a decision issued by one national authority can be suggestive of future action. Last year, France’s data protection authority, the French Commission Nationale de l’Informatique et des Libertés (CNIL), issued an important interpretation of the Cookies Directive as it relates to the use of Google Analytics on a website accessible by EU/EEA residents.

Continue Reading
Important Compliance Deadline for U.S. Companies Handling EU Data

Important Compliance Deadline for U.S. Companies Handling EU Data

December 6, 2022 at 1:16 PM - GDPR,

The clock is ticking! The deadline for switching to the new EU Standard Contractual Clauses (SCC) for data transfers between the EU and non-EU countries is December 27, 2022. As of that date, data controllers and processors around the world that process the personal data of EU residents will no longer be able to rely on the old SCCs without violating the General Data Protection Regulation (GDPR). In other words, companies are legally obligated to replace all previously used SCCs with the new ones, and should be able to demonstrate having done so in case of an audit.  

Continue Reading
Understanding the Privacy Right to Be Forgotten

Understanding the Privacy Right to Be Forgotten

November 7, 2022 at 3:37 PM - Data Privacy,

Since 2018, the General Data Protection Regulation (GDPR) has wielded a significant impact on privacy practices across the globe. Aside from offering strong protection for the personal data of European Union citizens, GDPR has effected many changes in the way companies conduct business when EU data is part of the equation. Likewise, it has become the gold standard and a model for privacy legislation in many jurisdictions within the United States, as well as around the world.

Continue Reading
GDPR-Compliant Organizations: Why You May Need an EU Representative

GDPR-Compliant Organizations: Why You May Need an EU Representative

July 7, 2021 at 11:14 AM - GDPR,

The General Date Protection Regulation (GDPR) made its debut on the global privacy stage in 2018, and now, three years later, most U.S. companies doing business in the EU are well-aware of the regulation’s main provisions and their daily operational impact. However, the GDPR’s rules are expansive; and as a result, some of its “lesser known” articles have been overlooked by a number of smaller companies with limited in-house privacy resources.

Continue Reading
The Privacy Shield is Dead: Next Steps for U.S. Importers of EU Data

The Privacy Shield is Dead: Next Steps for U.S. Importers of EU Data

April 1, 2021 at 11:05 AM - EU Data Protection,

Since the adoption of the General Data Protection Regulation (GDPR), U.S. companies have invested a great deal of time and money in their compliance efforts; yet for many, their work is far from complete. For U.S. data importers, the July 2020 invalidation of the EU-U.S. Privacy Shield has left former “self-certified Shield” companies forced to find a new mechanism by which to lawfully transfer EU data into the U.S. Many of these companies will likely adopt the new set of standard contractual clauses (SCCs), once they are finalized by the European Commission.

Continue Reading
The Privacy Shield is Dead: Now What?

The Privacy Shield is Dead: Now What?

July 17, 2020 at 1:14 PM - Privacy,

After years of uncertainty, the fate of the EU-U.S. Privacy Shield (“Shield”) has finally been determined. On July 16th, the EU’s highest court, the Court of Justice of the European Union (CJEU), declared the Shield to be invalid as a lawful mechanism for transferring the personal data of EU residents to the U.S.

Continue Reading
Cookies and the EU User

Cookies and the EU User

June 29, 2020 at 3:21 PM - GDPR,

If a poll was taken of all U.S. companies using the personal information of European Union (EU) residents in connection with their business activities, most would report having taken steps to comply with the General Data Protection Regulation (GDPR). If you asked the same businesses what they have done to comply with the EU ePrivacy Directive of 2002 (also known as the “Cookies” Directive)[1], which regulates the use of cookies and other tracking technologies, many would need to admit they have not done anything. 

Continue Reading
GDPR v. CCPA: Privacy Legislation Cousins

GDPR v. CCPA: Privacy Legislation Cousins

June 26, 2020 at 10:56 AM - GDPR,

New York-area member Stephan Grynwajc recently wrote an article comparing the key terms of the EU's General Data Protection Regulation (GDPR) and California's Consumer Protection Act (CCPA), which was featured on the blog of our UK partners, Legal Edge

Continue Reading

Subscribe to our Blog

Popular Posts

   
This publication should not be construed as legal advice or a legal opinion on any specific facts or circumstances nor an offer to represent you. It is not intended to create, and receipt does not constitute, an attorney-client relationship. The contents are intended for general informational purposes only, and you are urged to consult your attorney concerning any particular situation and any specific legal questions you may have. Pursuant to applicable rules of professional conduct, portions of this publication may constitute Attorney Advertising.

Outside GC is an innovative approach to legal services for growing and mature businesses. Companies who engage Outside GC fall into two main categories: (1) those without in-house counsel who need regular, on-going legal support but do not wish to hire a full-time in-house lawyer, and (2) those with in-house counsel who do not wish to add more full-time resources to their existing in-house staff. Contact us to speak to one of our on-demand attorneys.