DLA Piper's Global Privacy and Data Protection Resource
Authors: Verena Grentzenberg and Katja-Maria Harsdorf
On 20 April 2023, the Advocate General (“AG”), Nicholas Emiliou, published his Opinion in the case of FT v DW, (C-307/22). In particular, the AG took the view that Art. 12(5) and Art. 15(3) GDPR must be interpreted as requiring a data controller to provide the…
Continue Reading Europe: Advocate General delivers Opinion on the right of access for purposes unrelated to data protection
Authors: Coran Darling and Rachel De Souza
On 29 March 2023, the UK Government (“Government”) published its long-awaited white paper (“Paper”), setting out the Government’s proposals to govern and regulate artificial Intelligence (“AI”). Headed “A Pro-Innovation Approach”, the Paper recognises the importance of building a framework that…
Continue Reading UK: Information Commissioner publishes response to new AI White Paper
Authors: Eleni Alexiou, Katharina Pauls
On 30 March 2023, the European Court of Justice (ECJ) ruled on the requirements for national legal bases regarding employee data protection in the context of a referral procedure. Based on its ruling, the German provision that gave rise to the referral procedure (Sec. 23 (1) sentence 1 of…
Continue Reading Germany: ECJ ruling on employee data protection
Authors: James Clark, Coran Darling, Andrew Dyson, Gareth Stokes, Imran Syed & Rachel de Souza
In November 2021, the UK Government (“Government”) issued the National Artificial Intelligence (AI) Strategy, with the ambition of making the UK a global AI superpower over the next decade. The strategy promised a…
Continue Reading A Pro-Innovation Approach: UK Government publishes white paper on the future of governance and regulation of artificial intelligence
By John Magee, Emer McEntaggart, Eilis McDonald, Nicole Fitzpatrick, Sarah Dunne, David Brazil & Christopher Connell
The Data Protection Commission (DPC) has published its 2022 Annual Report, highlighting the DPC’s progress on (i) ongoing large-scale inquiries (in particular against social media platforms), (ii) defence of cross-border decisions, and (iii) increased interaction with…
Continue Reading Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries
Authors: Alex Moore (Associate, Auckland) and Nick Valentine (Partner, Auckland)
On 30 March 2023, the Digital Identity Services Trust Framework Bill (the Bill) passed its third and final reading in New Zealand’s House of Representatives, with cross-party support. The Digital Identify Services Trust Framework Act will come into effect on 1 July 2024 (at the…
Continue Reading New Zealand: Digital Identity Services Trust Framework Bill passes final reading
Authors: Luc Bigel and Hamza Akli
On 24 January 2023, France’s Orientation and Programming Law (“LOPMI“) was enacted and published the next day in the Official Journal.
LOPMI introduces amendments to the insurability of losses and damages paid in response to cyber-attacks, including in relation to ransom payments – requiring that the payment…
Continue Reading France: Changes to insurability of cyber losses
Authors: Carolyn Bigg, Amanda Ge, Venus Cheung, and Gwyneth To
It’s now the time to focus on the steps that data controllers need to take to legitimize overseas processing of China personal information via the CAC certification route.
Background: While most PRC data controllers should have already identified whether to follow the…
Continue Reading CHINA: CBDT routes now all clear – Draft guidelines for CAC Certification route published
On 15th March 2023, the UK Information Commissioner’s Office (“ICO”) issued updated Guidance on Artificial Intelligence and Data Protection. The updated Guidance follows ‘requests from UK industry to clarify requirements for fairness in AI” and aims to support the UK government’s vision of a “pro-innovation approach to AI …
Continue Reading UK: ICO issues updated Guidance on Artificial Intelligence and Data Protection
Authors: Denise Lebeau-Marianna, Divya Shanmugathas and Lucie Dubecq-Princeteau
On 15 March 2023, the French Supervisory Authority (the “CNIL”) unveiled in a post its four key priorities regarding its upcoming investigations for 2023 targeting specific sectors (I), to which it added another topic related to DPO in line with the coordinated enforcement framework of…
