This week is thoughtful as the Belgian Data Protection Authority decided that the IAB\u2019s cookie consent framework violated the GDPR. This ruling has tremendous potential implications on the ad tech industry. <\/p>\n\n\n\n
Companies that rely on it for consent are concerned about its future. The DPA has also ordered IAB Europe to provide an action plan within two months to comply with their framework. <\/p>\n\n\n\n
Join seers privacy webinar for more information on \u201cCookie Compliance – Emerging Challenges And their Solutions.\u201d You can register for the webinar <\/strong>here<\/strong><\/a>. <\/strong><\/p>\n\n\n\n We will keep posting when something is close enough to happen that you need to start looking about what you need to do to comply. <\/p>\n\n\n\n But for now, enjoy this week’s top stories!<\/p>\n\n\n\n Belgian Data Protection Authority fined IAB Europe 250k euros. TCF, which is utilised by much of the European advertising industry, violates EU privacy rules. This decision has massive implications on the ad tech sector. The decision comes when the AdTech ecosystem is being impacted by legislative and industry changes. Read more here<\/a>. <\/p>\n\n\n\n The UK Gov’t has finally published the UK’s standard form international data transfer agreement. Companies can share personal data outside of the UK to countries not recognised to have acceptable data protection legislation under the standard form agreement. It also released an “international data transfer addendum,” which allows companies to export data from the UK using the new \u201cEU Standard Contractual Clauses.\u201d The document will take effect in March 2022. Read more here<\/a>. <\/p>\n\n\n\n Pret A Manger paid more than $677K to settle a class-action complaint filed in Illinois alleging that the company collected and stored the fingerprints of almost 800 employees to track their work hours. According to the lawsuit, Pret A Manger violated Illinois’ Biometric Information Privacy Act of 2008 by mandating workers to use the fingerprint time clock without first obtaining written agreement from them. The company also failed to notify employees and the general public about why it was collecting the scans and what it planned to do with the data. Read more here<\/a>. <\/p>\n\n\n\n The French data protection authority (CNIL) announced that it had issued an order requiring an unnamed French website operator to comply with Chapter V of the GDPR after discovering that transfers of personal data to the US via the use of Google Analytics violated Article 44 of the GDPR. CNIL emphasised that personal data transfer only takes place if suitable safeguards are in place, which was not the case with the website. Read more here<\/a>. <\/p>\n\n\n\n Seers is hosting the privacy webinar on \u201cCookie Compliance – Emerging Challenges And their Solutions\u201d on February 23 at 16:00 GMT with kay speakers: <\/p>\n\n\n\n Jamal Ahmed (Chief Executive Officer at Kazient Privacy Experts), <\/p>\n\n\n\n Miki Fainberg (Head of Privacy Operations at PrivacyTeam), and <\/p>\n\n\n\n Adnan Zaheer (Chief Executive Officer at Seers). <\/p>\n\n\n\nTop Stories and Updates <\/strong><\/h2><\/p>\n\n\n\n
IAB Europe Knocked Down by Authorities – Impact on Advertising Industry<\/strong><\/h3><\/p>\n\n\n\n
UK Government publishes standard forms for exporting data from UK to third countries <\/strong><\/h3><\/p>\n\n\n\n
Pret A Manger resolves a class-action lawsuit involving fingerprint scanning of its staff<\/strong><\/h3><\/p>\n\n\n\n
CNIL finds Google Analytics violates GDPR and orders the website to comply <\/strong><\/h3><\/p>\n\n\n\n
Upcoming Webinar: \u201cCookie Compliance – Emerging Challenges And their Solutions.\u201d <\/strong><\/h3>\n\n\n\n