Going Global Data Privacy & Protection Insights – Monthly Newsletter September 2019

HBS Attorney Analysis


Portugal’s GDPR Law Is Now In Effect
By: Chase Langhorne, Esq.

On August 8, Portugal’s long-awaited data protection law went into effect. The legislation was originally passed in June, but awaited Presidential signature and publication in the Official Journal. The official name of the legislation is known as “Lei de Execução do Regulamento Geral sobre a Proteção de Dados” (English translation: “Execution Law of the General Data Protection Regulation”) (the “Execution Law”). Portugal was one of three remaining EU member states that had yet to pass GDPR-implementing legislation. Now only Greece and Slovenia remain.

Cayman Islands Data Protection Law Goes Into Effect September 30, 2019
By: Richard Sheinis, Esq.

The Data Protection Law, 2017, (“DPL”) introduces globally-recognized principles surrounding the use of personal information to the Cayman Islands. Similar to the GDPR and other data privacy legislation, individuals will have several data access rights. These rights include the right to be informed, the right to access their data, the right to correct their data, the right to stop processing, the right to stop direct marketing, and the right to compensation for damage.

Brazil’s General Data Privacy Law Goes Into Effect In 2020
By: Anthony Stewart, Esq.

Brazil is one of the latest countries to implement comprehensive data privacy regulation. Brazilian President Michel Temer recently signed into law the General Law of Protection of Personal Data, which goes into effect in February, 2020. The new law imposes detailed rules for the collection, processing, and storage of personal data, and its key provisions closely mirror the European Union’s General Data Protection Regulation (GDPR).

Ransomware On The Rise
By: Chase Langhorne,Esq.

Ransomware attacks are plaguing businesses all over the world and, unfortunately, show no signs of slowing down. The scenario goes something like this: you come into work, pour a cup of coffee, go to check your email and nothing seems to work. You cannot open your email, nor any files on your computer. Slowly people start walking the halls asking if you are having the same problem. Soon it’s noon and no one in the office has done any work. Your network has been hit with ransomware and you are dead in the water.

Latest News and Headlines


Data Breaches

Unsecured Facebook Databases Leak Data Of 419 Million Users

Monster.com says a Third Party Exposed User Data But Didn’t Tell Anyone

Boy Scouts’ information exposed during brief data breach

Moe’s, McAlister’s, Schlotzsky’s latest victims of data breach, company says

MoviePass Exposed Thousands of Unencrypted Customer Card Numbers

New Data Breach Has Exposed Millions Of Fingerprint And Facial Recognition Records: Report

Fines and Settlements

Google and FTC reach $170 million settlement over alleged YouTube violations of kids’ privacy
CNN Business

Facial recognition in schools leads to Sweden’s first GDPR fine

Third Circuit Upends Settlement in Google Privacy Litigation

€150,000 GDPR fine for wrongly using “consent” as a basis for processing personal data of staff

GDPR: new CNIL fine of 180,000 euros for a car insurance company
The National Law Review

United States

Lawsuit claims Home Depot ‘surreptitiously’ collecting customers’ ‘faceprint’
Atlanta Business Chronicle

Georgia Supreme Court Considers When Data Breach Victims Can Sue

Businesses Across the Board Scramble to Comply With California Data-Privacy Law
The Wall Street Journal


New Cayman Islands Data Protection Law, 2017 Coming Into Effect

Data Breaches Expose 4.1 Billion Records In First Six Months Of 2019

Alleged Global Google Privacy Leak: ‘GDPR Workaround’ Could Incur $5.4B Fine

ACCC seeks changes to data privacy laws for loyalty scheme customers

Portugal’s data protection law went into effect
The International Association of Privacy Professionals (IAPP)