Gdpr on PeteMahon.nethttps://petemahon.net/tags/gdpr/Recent content in Gdpr on PeteMahon.netHugoen<a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener">CC BY-NC 4.0</a>Thu, 14 May 2020 09:00:00 +0400Saudi Arabia's new privacy regulations are a sign of things to come in the GCChttps://petemahon.net/posts/2020/05/saudi-arabias-new-privacy-regulations-are-a-sign-of-things-to-come-in-the-gcc/Thu, 14 May 2020 09:00:00 +0400https://petemahon.net/posts/2020/05/saudi-arabias-new-privacy-regulations-are-a-sign-of-things-to-come-in-the-gcc/<p>On January 31 2020, Saudi Arabia&rsquo;s Ministry of Commerce and Investment issued the Executive Regulations to the E-Commerce Law (Royal Decree No. M/126 dated 10 July 2019). These have now been published and impact any e-commerce firm selling to Saudis.</p> <p>The regulations stipulate that e-commerce firms must perform a range of actions which are designed to protect Saudi consumers. Affected businesses must:</p> <ul> <li>Put in place measures to protect consumer personal data.</li> <li>Add a privacy policy on the E-store</li> <li>Put in place a procedure to deal with consumer complaints</li> <li>Add information to the Terms and Conditions</li> <li>Add details to the invoice</li> <li>Allow consumers to unsubscribe from electronic advertisements</li> <li>Register on the Ministry&rsquo;s commercial register (mandatory only for KSA registered entities)</li> </ul> <p>We&rsquo;re going to focus on the first point because it feels very much like a distillation of the EU&rsquo;s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The regulations provide the following definition for consumer personal data: &ldquo;any data – of whatever source of form – that identifies or is identifiable to a specific consumer&rdquo;. This data includes names, ID numbers, addresses, contact details, registration documents, bank and credit card information, photographs, videos and more.</p>5 Things You Need to Know About Your Biometric Datahttps://petemahon.net/posts/2019/01/5-things-you-need-to-know-about-your-biometric-data/Sun, 27 Jan 2019 09:00:00 +0400https://petemahon.net/posts/2019/01/5-things-you-need-to-know-about-your-biometric-data/<p>A landmark ruling in the Illinois Supreme Court last Friday morning, 25th January 2019, gave voice to the parents of a 14 year old boy, whose fingerprints were taken in the Six Flags theme park without informed consent. The judge in the case upheld that the plaintiff&rsquo;s rights were breached as per Illinois state&rsquo;s Biometric Information Privacy Act (BIPA).</p> <p>The ruling is a sign that the application of new laws governing the use of technology by corporate giants is coming into force and that the rights of private citizens are being recognised. Coupled with the EUs GDPR (General Data Protection Regulations), CCPA (California Consumer Privacy Act) and many more localised regulations to come, we are starting to see a real push back against our data being mis-used or held without informed consent.</p>