DLA Piper Privacy Matters

OCTOBER 21, 2022

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia. Data Protection Officer (DPO). Overseas Data Transfers. The law is primarily consent-based.

Personal data 98

Personal data Compliance Risk Access 98

Hunton Privacy

NOVEMBER 8, 2022

SHIFT Counsellors at Law reports from Indonesia that The People’s Representative Council of the Republic of Indonesia has ratified Indonesia’s draft law on personal data protection. The law, which is partly modeled on the EU General Data Protection Regulation, is Indonesia’s first “umbrella regulation” on personal data protection.

Personal data 134

Personal data GDPR Compliance Information Security 134

Data Protection Report

MARCH 15, 2024

The judgment of the ECJ is unsurprising given previous case law on the definitions of “personal data” and “controller” under the GDPR and the ECJ’s emphasis that the overarching objective of the GDPR is to “[ ensure] a high level of protection of the fundamental rights and freedoms of natural persons ”.

Personal data 73

Personal data GDPR Access Compliance 73

DLA Piper Privacy Matters

AUGUST 22, 2023

To add to the compliance burden, new mandatory, periodic and detailed data protection compliance audits have now been proposed in China, with measures beyond the usual governance/compliance audit compliance steps expected under other data protection frameworks, and a duty to report the audit results to the China data authorities.

Compliance 75

Compliance Personal data Government Access 75

DLA Piper Privacy Matters

MAY 23, 2023

Vietnam’s long-awaited, first-ever Personal Data Protection Decree (“ PDPD ”) has finally been passed and is scheduled to take effect from 1 July 2023 (save limited grace period exceptions). The most notable provisions of the PDPD relate to the compliance requirements in general processing and cross-border transfers of personal data.

Personal data 52

Personal data Compliance Data Privacy Data breaches 52

Data Protection Report

FEBRUARY 25, 2020

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Highlights of the CAC Circular.

Personal data 133

Personal data Big data Data Privacy Data breaches 133

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy 138

Data Privacy Compliance Privacy Security 138

DLA Piper Privacy Matters

JUNE 27, 2023

Global flows of personal data have been a source of geopolitical concern for many years now. To date, these compliance challenges were essentially limited to personal data processing, so some organisations and sectors had to do more than others.

Personal data 52

Personal data Data Privacy GDPR Compliance 52

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Background.

Personal data 91

Personal data Compliance Privacy Access 91

Hunton Privacy

MAY 29, 2020

The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. 2563 (2020) (the “Royal Decree”).

Personal data 84

Personal data Compliance Insurance IT 84

DLA Piper Privacy Matters

AUGUST 22, 2023

The Draft Measures propose to introduce or flesh out other compliance requirements contained in the PIPL. This will, therefore, require more in-depth privacy notices than businesses may be used to providing in China. All these indicate that DPO should be a relatively senior position within an organization.

Compliance 98

Compliance Personal data Privacy Government 98

IT Governance

MAY 25, 2023

Given the scale and nature of its operations, Meta is obviously something of a special case, but the wider implications for personal data transfers from the EU to the US are clear: this case is surely going to be another nail in the coffin of the new EU-US DPF (Data Privacy Framework).

GDPR 96

GDPR Compliance Personal data Data Privacy 96

DLA Piper Privacy Matters

APRIL 11, 2022

Given these higher financial penalties, organisations collecting, using or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. of personal data); and. of personal data); and.

Personal data 97

Personal data Compliance Cybersecurity Government 97

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. The new “data bridge” would extend the EU-US Data Privacy Framework.

Personal data 62

Personal data Data Privacy Privacy GDPR 62

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Personal data 71

Personal data Encryption Data breaches Authentication 71

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data 105

Personal data Data breaches Data collection GDPR 105

Data Matters

SEPTEMBER 23, 2021

If a company has already been GDPR compliant, its data privacy compliance system can basically work in China, while certain localizations are necessary in response to unique requirements under PIPL. In particular, a company should pay attention to the following differences between PIPL and GDPR: Data localization.

Data Privacy 97

Data Privacy Compliance Privacy Personal data 97

Data Breach Today

JUNE 22, 2023

French Regulator Fines Criteo for Website Cookie Tracking Tools The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.

GDPR 246

GDPR Personal data Privacy Compliance 246

Hunton Privacy

APRIL 12, 2021

On April 8, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted comments in response to the Ministry of Public Security (“MPS”) of Vietnam’s Draft Decree on Personal Data Protection (“Draft Decree”). Read CIPL’s full comments in English and in Vietnamese.

Personal data 87

Personal data Privacy Data breaches Compliance 87

Data Protection Report

OCTOBER 12, 2020

Following the Singapore Ministry of Communications and Information (MCI) and the Personal Data Protection Commission of Singapore (PDPC) public consultation in May this year (Public Consultation), the Personal Data Protection (Amendment) Bill (Bill) was introduced and had its first reading in Parliament on 5 October 2020.

Personal data 97

Personal data Data breaches Compliance Communications 97

Hunton Privacy

AUGUST 10, 2023

On August 9, 2023, India’s upper house ( i.e. , Rajya Sabha) passed the Digital Personal Data Protection Bill (“DPDPB”), two days after India’s lower house ( i.e. , Lok Sabha) passed the legislation. The DPDPB now heads to India President Droupadi Murmu for signature.

Personal data 52

Personal data Data breaches Government Access 52

Thales Cloud Protection & Licensing

FEBRUARY 18, 2021

Key steps on the road to LGPD compliance. Brazil, the largest country in both South America and Latin America, released a data privacy law bringing new business opportunities, especially in the international domain. Reporting: demonstrates compliance and facilitates the administrative procedures required by LGPD (Article 50).

Compliance 98

Compliance Unstructured data Personal data Big data 98

DLA Piper Privacy Matters

FEBRUARY 3, 2021

Organisations must now notify the Personal Data Protection Commission (PDPC) and affected individuals if a data breach results in, or is likely to result in, significant harm to affected individuals, or affects 500 or more individuals. The Personal Data Protection (Amendment) Act 2020 is available here: [link].

Personal data 98

Personal data Data breaches Compliance Privacy 98

DLA Piper Privacy Matters

JULY 21, 2020

The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. Submissions.

Personal data 99

Personal data Access Compliance Privacy 99

Hunton Privacy

JANUARY 31, 2022

Generally, these AI-driven solutions require the processing of significant amounts of personal data for the AI model’s own training, which often is not the purpose for which the personal data originally was collected. Read the full article published by Infosecurity Magazine.

Artificial Intelligence 98

Artificial Intelligence Compliance GDPR Personal data 98

Data Protection Report

JUNE 26, 2023

The Guidance sits alongside the ICO’s recommendation that organisations should, if they haven’t already, start using PETs to share personal data safely, securely and anonymously. It focuses on how PETs can help achieve data protection compliance but keeps the description of the PETs themselves quite high level.

Personal data 52

Personal data Privacy Security Compliance 52

Data Protection Report

JUNE 1, 2020

For example, in February of this year, the FCA and ICO issued a joint statement warning regulated firms and insolvency practitioners of their responsibilities when dealing with personal data. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? Asset sales.

Personal data 99

Personal data Sales Marketing GDPR 99

DLA Piper Privacy Matters

FEBRUARY 17, 2021

Securities and Exchange Commission (“ SEC ”) confirming that SEC-regulated UK domiciled firms (“ UK Regulated Firms ”) can share personal data with the SEC when seeking to comply with regulatory obligations, in compliance with the UK GDPR. As the GDPR places restrictions on the transfer of personal data to the U.S.,

Personal data 98

Personal data GDPR Security Compliance 98

Thales Cloud Protection & Licensing

AUGUST 30, 2023

The bright side of data privacy compliance: 5 value-driven opportunities for retailers madhav Thu, 08/31/2023 - 05:20 Failing to keep up with data privacy legislations, such as General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) can harm a brand’s bottom-line and public reputation.

Retail 71

Retail Data Privacy Compliance Privacy 71

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. This is a significant reminder to organisations to start data mapping and assessment of all China data sooner rather than later.

Compliance 118

Compliance Personal data Security Risk 118

Data Protection Report

JUNE 4, 2021

The Hong Kong Government is proposing amendments to the Personal Data (Privacy) Ordinance (the “ PDPO ”) to combat doxxing acts. public display) personal data of a data subject. Also, the new provisions not only protect the data subject, but also offer protection to his/her immediate family members.

Personal data 98

Personal data Data Privacy Privacy Paper 98

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. In Order No. The disputed facts. Still, the same principles apply to any other transfer as well.

Personal data 98

Personal data Analytics GDPR Privacy 98

Collibra

JULY 23, 2020

Privacy Shield as an adequate framework for regulating exchanges of personal data between the European Union and United States. This decision introduces greater complexities to those managing data privacy because many multinational organizations relied on the Privacy Shield for cross-border data transfers.

Personal data 59

Personal data Data Privacy Privacy Compliance 59

DLA Piper Privacy Matters

DECEMBER 22, 2020

On 10 November 2020, the European Data Protection Board (“EDPB”) adopted its recommendations on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. These recommendations were open for public consultation until 21 December 2020.

Personal data 59

Personal data Compliance IT 59

Data Matters

OCTOBER 15, 2019

On 22 August 2019, the Cyberspace Administration of China (CAC) announced the implementation of the Online Protection of Children’s Personal Data Regulation (????????????), (“the Regulation”) which came into force on 1 October 2019. In contrast with COPPA in the U.S., Consequences of the Regulation.

Personal data 68

Personal data Privacy Compliance Cybersecurity 68

IT Governance

APRIL 18, 2018

An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? Loss of availability of personal data.

Personal data 79

Personal data Data breaches GDPR Compliance 79

Thales Cloud Protection & Licensing

JUNE 24, 2021

How FIDO 2 authentication can help achieve regulatory compliance. As such, FIDO2 can become an enabler for regulatory compliance. In the following paragraphs we will examine use cases where FIDO2 simplifies compliance with privacy and security regulations, namely GDPR, CCPA and PSD2. Compliance with GDPR and CCPA.

Authentication 71

Authentication Compliance GDPR Personal data 71