Uncategorized

Subscribe to Uncategorized via RSS

By John Magee, Emer McEntaggart, Eilis McDonald, Nicole Fitzpatrick, Sarah Dunne, David Brazil & Christopher Connell

The Data Protection Commission (DPC) has published its 2022 Annual Report, highlighting the DPC’s progress on (i) ongoing large-scale inquiries (in particular against social media platforms), (ii) defence of cross-border decisions, and (iii) increased interaction with
Continue Reading Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

Authors: Alex Moore (Associate, Auckland) and Nick Valentine (Partner, Auckland) 

On 30 March 2023, the Digital Identity Services Trust Framework Bill (the Bill) passed its third and final reading in New Zealand’s House of Representatives, with cross-party support. The Digital Identify Services Trust Framework Act will come into effect on 1 July 2024 (at the
Continue Reading New Zealand: Digital Identity Services Trust Framework Bill passes final reading

Authors: Luc Bigel and Hamza Akli 

On 24 January 2023, France’s Orientation and Programming Law (“LOPMI“) was enacted and published the next day in the Official Journal.

LOPMI introduces amendments to the insurability of losses and damages paid in response to cyber-attacks, including in relation to ransom payments – requiring that the payment
Continue Reading France: Changes to insurability of cyber losses

Authors: Carolyn Bigg, Amanda Ge, Venus Cheung, and Gwyneth To

It’s now the time to focus on the steps that data controllers need to take to legitimize overseas processing of China personal information via the CAC certification route.

Background: While most PRC data controllers should have already identified whether to follow the
Continue Reading CHINA: CBDT routes now all clear – Draft guidelines for CAC Certification route published

On 15th March 2023, the UK Information Commissioner’s Office (“ICO”) issued updated Guidance on Artificial Intelligence and Data Protection. The updated Guidance follows ‘requests from UK industry to clarify requirements for fairness in AI” and aims to support the UK government’s vision of a “pro-innovation approach to AI
Continue Reading UK: ICO issues updated Guidance on Artificial Intelligence and Data Protection

Authors:  Heidi Waem and Simon Verschaeve

On 21 February 2023, the Litigation Chamber of the Belgian Data Protection Authority ruled on a case relating to the lawfulness of a geolocation tracking system for employee vehicles used by a public authority. The decision not only sets out the conditions for the use of such systems, but
Continue Reading Belgium: Belgian data protection authority clarifies the public interest legal basis in the context of decision on a vehicle tracking system

Authors: Jim Sullivan, John Magee, Rachel De Souza & Christopher Connell

The European Data Protection Board (“EDPB” or the “Board”) on 28 February 2023, released its non-binding opinion on the draft adequacy decision underlying the EU-US Data Privacy Framework (“DPF”). The Board welcomed the “substantial improvements” to
Continue Reading EU/US: EDPB Welcomes Improvements in the EU-US Data Privacy Framework, but Challenges Remain

Data protection compensation claims continue to manifest themselves. Understanding a data incident, and how to respond in an appropriate manner, is vital to combatting this growing threat.

Judgments through 2022 continued to be largely favourable to those facing such claims. But the threat still exists.

On Thursday, 2 March 2023, David Cook and Benjamin Fellows
Continue Reading UK: Data Protection Compensation Claims Webinar