Uncategorized

Subscribe to Uncategorized via RSS

Authors: Carolyn Bigg, Amanda Ge, Venus Cheung, and Gwyneth To

Summary: The final version of the China SCCs has now been published, meaning those organisations that haven’t had to apply for CAC approval for their cross-border transfers of personal information now have until 1 December 2023 to:

  • sign the China SCCs with


Continue Reading CHINA: Final China SCCs for CBDT published – What you need to know

Authors: Heidi Waem and Simon Verschaeve

The arrival of the internet has revolutionized the advertising landscape, and since the appearance of the first banner ad in 1994, innovative technologies have been developed in the field of online advertising. Since then, new stakeholders, such as online platforms, have emerged and a whole spectrum of new digital
Continue Reading EU Regulatory Data Protection: Online advertising – A regulatory patchwork under construction

Author: Keri Bennett

As of February 1, 2023, two new sections of the British Columbia Freedom of Information and Protection of Privacy Act (“FIPPA”) and associated regulations are in force. All public bodies governed by FIPPA in the province of British Columbia (generally speaking all government ministries and the broader public sector) 


Continue Reading Canada: Changes to privacy regulations require BC public bodies to report privacy breaches and develop ‎privacy management program

Authors: Heidi Waem – Nicolas Becker

Following a reference for a preliminary ruling by the Belgian Council of State, the Belgian Constitutional Court ruled that an interested third party should be able to bring an appeal against a decision of the Litigation Chamber (the sanctioning body within the Belgian Data Protection Authority). As article 108,
Continue Reading Belgium: Constitutional Court rules that third parties should be able to appeal DPA decisions

On 12 January 2023, the European Court of Justice (“CJEU”) delivered its judgment regarding the right of access to personal data under Article 15 GDPR. The CJEU held that when exercising their right of access under the GDPR, data subjects must be provided with the individual data recipients of their personal data.

Background
Continue Reading Europe: CJEU decision – Right of access to individual recipients of personal data

New decisions narrow ‘contractual necessity’ as a ground for processing data—and highlight divisions among EU privacy regulators

Authors: James Sullivan, John Magee & David Brazil

Ireland’s Data Protection Commission (DPC) announced on January 4, 2023, that it has fined Meta a total of €390 million after finding that the company’s Facebook and Instagram
Continue Reading EU & Ireland: Meta’s legal basis for targeted ads found to breach GDPR

On 2 November 2022, the Portuguese Data Protection Authority (“CNPD”) issued a Decision imposing a fine of € 4,300,000 (four million three hundred euros) to the National Institute of Statistics (“INE”) for multiple violations in the processing of data subjects’ sensitive data during the Census 2021 operation.

Background

On the 27
Continue Reading Portuguese Data Protection Authority fines the National Institute of Statistics € 4.3 million

1  New development and timing

On 13th December, the European Commission published a draft adequacy decision to enhance and replace its 2016 adequacy decision for the EU-U.S. Privacy Shield framework (“Privacy Shield”), which was invalidated by the Schrems II decision of the Court of Justice of the European Union (“CJEU”). The Commission has submitted
Continue Reading EU – US adequacy decision: State of play

Authors: James Clark and David Cook

The UK government has published its plans to amend the Network and Information Systems Regulations 2018.  The reforms will lead to many more IT companies falling within the scope of the Regulations as ‘Digital Service Providers’ and will expand incident reporting obligations.  A two-tiered regime for Digital Service Providers
Continue Reading UK NIS – Get ready for expansion of the UK’s critical national infrastructure cyber security laws