Long-awaited executive order strives to enhance and revive the invalidated Privacy Shield Framework

Author: Jim Sullivan

On 7 October 2022, President Biden issued an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (the EO), aimed at addressing the widespread legal uncertainty that has prevailed with respect to transatlantic data transfers since the …

Continue Reading President Biden orders surveillance reforms two years after Schrems II

Under the Data Security Law, organisations are required to classify the data they process according to their level of significance. Albeit a draft, the recent Draft Standard on Information Security Technology Network Data Classification and Grading Requirements (“Draft”) highlights the principles and methods for different industries, fields, localities, departments, and data processors to…
Continue Reading CHINA: Clarifications of data classification and grading requirements

Introduction

The Singapore Court of Appeal has recently clarified that ‘emotional distress’ is an actionable loss and damage under the existing right of private action of Personal Data Protection Act 2012 (“PDPA“).

Decision

Section 32 (now section 48O) of the Personal Data Protection Act 2012 (“PDPA”) provides individuals who have suffered…
Continue Reading SINGAPORE: Right of private action under the Personal Data Protection Act 2012 – scope explained

Following the first automobile industry-specific data and cyber compliance rules, published late last year (see our alert here), regulators have issued guidelines on the licensing of surveying and mapping activities and use of mapping data within connected vehicles, through the new Regulations on Promoting the Development of Intelligent and Connected Vehicles and Maintaining the …
Continue Reading CHINA: connected vehicle and automobile industry – new licences now required to enable/continue (i) surveying and mapping activities, (ii) overseas transfer of mapping data

If your organisation must follow the CAC assessment route to continue your cross-border flows of personal information or important data, we now know the full extent of the self-assessment, application and supporting documents to be filed with the CAC for approval. It remains a significant task, so action must be taken as soon as possible…

Google LLC has agreed to pay AUD 60 million to Australia’s competition regulator, the Australian Competition and Consumer Commission (ACCC), after it was held that Google breached the Australian Consumer Law (ACL) regarding its collection of location data.

In October 2019, the ACCC commenced proceedings alleging that Google had engaged in…
Continue Reading Australia: Google agrees to pay AUD 60 million for misleading consumers regarding the collection of location data

Mobile apps pervade all aspects of life in Mainland China, and in turn remain a high enforcement priority for data privacy regulators in China. For the past couple of years, operators of mobile apps in China have had to comply with over thirty additional, specific privacy compliance obligations (i.e. over and above those applicable to…
Continue Reading CHINA: mobile apps remain a high privacy risk, and face stringent requirements

…
Continue Reading EU: Who’s who under the DMA, DSA, DGA and Data Act?