Uncategorized

Subscribe to Uncategorized via RSS

Google LLC has agreed to pay AUD 60 million to Australia’s competition regulator, the Australian Competition and Consumer Commission (ACCC), after it was held that Google breached the Australian Consumer Law (ACL) regarding its collection of location data.

In October 2019, the ACCC commenced proceedings alleging that Google had engaged in
Continue Reading Australia: Google agrees to pay AUD 60 million for misleading consumers regarding the collection of location data

Mobile apps pervade all aspects of life in Mainland China, and in turn remain a high enforcement priority for data privacy regulators in China. For the past couple of years, operators of mobile apps in China have had to comply with over thirty additional, specific privacy compliance obligations (i.e. over and above those applicable to
Continue Reading CHINA: mobile apps remain a high privacy risk, and face stringent requirements

As part of its data strategy, the European Commission has presented a number of legislative instruments, including the Digital Markets Act (DMA), the Digital Services Act (DSA), the Data Governance Act (DGA) and the Data Act.

Our article analysing these four new instruments in more detail – in particular, who these legal instruments apply to


Continue Reading EU: Who’s who under the DMA, DSA, DGA and Data Act?

On 26 May 2022, the TC260 released the Draft Requirements on Privacy Agreements for Internet Platforms, Products and Services (“Draft Requirements”) for public consultation. The Draft Requirements flesh out the regulatory scheme regarding privacy policies as put forward in the Personal Information Protection Law (“PIPL”) and Personal Information Specification (“PIS
Continue Reading CHINA: Draft Rules on Privacy Policies Released – Is Your Privacy Policy Compliant?

On 3 August, the Indian Central Government withdrew the Personal Data Protection Bill, 2019 (PDP Bill). The PDP Bill, which has drawn criticism from both privacy advocates and industry stakeholders, was first published in 2018 and was to be India’s first law on the protection of personal data. A government notice stated that
Continue Reading India: Government withdraws long-awaited Personal Data Protection Bill

On Thursday 21 July 2022, the Cyberspace Administration of China (“CAC”) fined Didi Global Inc, an online ride-hailing business a total of RMB 8.026 billion (approximately USD 1.2 billion).

The CAC explained that the reasons for the fines were due to Didi’s:

  • illegal collection of over 11.9 million screenshots from users’ mobile phone


Continue Reading China: Enforcement of data protection – 5% of annual local revenue

Authors: Sarah Birkett and Alex Moore 

The use of CCTV systems to collect biometric information from individuals in Australia is attracting headlines. The issue relates not to the use of CCTV itself, but rather the collection of biometric information (i.e. electronic copies of faces, fingerprints, voices) via CCTV. Organisations, including retailers, may collect biometric information
Continue Reading Australia: Collection of biometric information via CCTV

Authors: Alexa Smith, James Clark, Robyn Palmer, Jamie Sanderson

The UK Government has published its long-awaited ‘Data Protection and Digital Information Bill’. The Bill will reform areas of UK data protection and electronic privacy law, and will also introduce new regulatory frameworks, most notably in the field of digital identity
Continue Reading UK: New Data Protection and Digital Information Bill

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling.

In Order No. 224 of June 9, 2022, the Italian data protection authority found that transfers of personal data
Continue Reading ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data