DLA Piper Privacy Matters

MAY 23, 2023

Vietnam’s long-awaited, first-ever Personal Data Protection Decree (“ PDPD ”) has finally been passed and is scheduled to take effect from 1 July 2023 (save limited grace period exceptions). The most notable provisions of the PDPD relate to the compliance requirements in general processing and cross-border transfers of personal data.

Personal data 52

Personal data Data breaches Data Privacy Compliance 52

Data Protection Report

APRIL 5, 2023

The alleged GDPR infringements: The Garante apparently took its action after becoming aware of a recent data breach at ChatGPT, where users’ chat titles and payment information was exposed.

Personal data 111

Personal data GDPR Data breaches Privacy 111

Data Protection Report

MARCH 28, 2023

In a recent decision (the Decision ), [1] the Personal Data Protection Commission ( PDPC ) considered for the first time a company’s reliance on the Legitimate Interests Exception (as defined below) under the Personal Data Protection Act 2012 ( PDPA ) when the consent procured is invalid.

Personal data 98

Personal data Risk Access Security 98

DLA Piper Privacy Matters

OCTOBER 21, 2022

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia. Data Protection Officer (DPO). Overseas Data Transfers. The law is primarily consent-based.

Personal data 98

Personal data Compliance Risk Access 98

Data Protection Report

SEPTEMBER 23, 2021

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

Personal data 111

Personal data GDPR Insurance Record destruction 111

DLA Piper Privacy Matters

MAY 18, 2023

The EGC held that pseudonymised data transmitted to a data recipient will not be considered personal data if the recipient of the data does not itself have the means to re-identify the individuals. The SRB argued that the data transmitted were anonymised and therefore were not personal data.

Personal data 52

Personal data GDPR Access IT 52

The Last Watchdog

NOVEMBER 4, 2021

Europe’s General Data Protection Regulations (GDPR) changed the game. Legacy filing systems were not built to keep track of the personal data of specific individuals primarily to be in compliance with the many data protection regulations popping up around the world.

Personal data 187

Personal data Privacy Data Privacy Unstructured data 187

Hunton Privacy

JANUARY 20, 2022

On January 12, 2022, the French Data Protection Authority (the “CNIL”) published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or the development of new products and services) under the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”).

Personal data 137

Personal data GDPR Encryption IT 137

The Guardian Data Protection

NOVEMBER 21, 2022

In high court case that could set precedent for millions, Tanya O’Carroll alleges owner Meta is breaking UK data laws A human rights campaigner is suing Facebook’s owner in the high court, claiming the company is disregarding her right to object against the collection of her personal data.

Personal data 95

Personal data Privacy IT Security 95

DLA Piper Privacy Matters

AUGUST 4, 2022

On 3 August, the Indian Central Government withdrew the Personal Data Protection Bill, 2019 ( PDP Bill ). The PDP Bill, which has drawn criticism from both privacy advocates and industry stakeholders, was first published in 2018 and was to be India’s first law on the protection of personal data.

Personal data 97

Personal data Government Privacy IT 97

Data Breach Today

FEBRUARY 1, 2019

teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so.

Personal data 187

Personal data Privacy 187

Data Breach Today

JANUARY 13, 2021

Information Stolen From European Medicines Agency Documents on COVID-19 vaccines and medications - including some containing personal information - that were stolen in a cyberattack last month on the European Medicines Agency have been leaked on the internet.

Personal data 238

Personal data 238

Security Affairs

APRIL 11, 2021

An SQL database containing the personal data of 1.3 Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The post Personal data of 1.3 million scraped Clubhouse user records.

Personal data 144

Personal data Phishing Passwords Authentication 144

Security Affairs

JANUARY 27, 2023

A Dutch hacker who was arrested at the end of last year claims to have stolen the personal data of almost all Austrians. At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people around the world.

Personal data 80

Personal data Phishing Archiving Security 80

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Personal data 71

Personal data Encryption Data breaches Authentication 71

DLA Piper Privacy Matters

SEPTEMBER 27, 2022

The Singapore Court of Appeal has recently clarified that ‘emotional distress’ is an actionable loss and damage under the existing right of private action of Personal Data Protection Act 2012 (“ PDPA “). For example, the Court observed that loss of control of personal data would not constitute loss or damage under the PDPA.

Personal data 98

Personal data Communications 98

Threatpost

AUGUST 13, 2020

Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.

Personal data 137

Personal data Access Data Privacy Privacy 137

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Definition of Personal Data.

Personal data 93

Personal data Privacy Compliance Data breaches 93

DLA Piper Privacy Matters

MARCH 1, 2022

Meanwhile, a sometimes popular (mis)conception is that data protection laws – and particularly the GDPR – are a barrier to the effective use of personal data for research. The implication was that data controllers did not fully understand, and therefore were not effectively making use of, the research provisions.

Personal data 104

Personal data GDPR Data collection Archiving 104

Hunton Privacy

AUGUST 5, 2021

On August 2, 2021, the Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) announced that it had levied a €2,500,000 fine on Deliveroo Italy s.r.l.

Personal data 107

Personal data GDPR IT 107

The Guardian Data Protection

FEBRUARY 12, 2018

Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court.

Personal data 223

Personal data Privacy GDPR IT 223

The Guardian Data Protection

JANUARY 10, 2022

EU police body accused of unlawfully holding information and aspiring to become an NSA-style mass surveillance agency The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog.

Personal data 145

Personal data Encryption Big data Privacy 145

Hunton Privacy

AUGUST 7, 2020

On July 13, 2020, a Committee of Experts within India’s Ministry of Electronics and Information Technology (“the Committee”) published the first draft of a Non-Personal Data Governance Framework for India for public consultation. address privacy concerns, including from re-identification of anonymized personal data.

Personal data 105

Personal data Government Metadata Privacy 105

Data Matters

MARCH 24, 2022

With federal consumer privacy bills gaining little traction, the Uniform Law Commission proposes the Uniform Personal Data Protection Act (UPDPA) as an alternative to the existing quilt of state consumer privacy laws. * This article first appeared in Legaltech News on March 22, 2024, available here.

Personal data 97

Personal data Privacy Data Privacy 97

Data Protection Report

FEBRUARY 25, 2020

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Highlights of the CAC Circular.

Personal data 133

Personal data Data breaches Data Privacy Big data 133

DLA Piper Privacy Matters

JANUARY 19, 2023

On 12 January 2023, the European Court of Justice (“ CJEU ”) delivered its judgment regarding the right of access to personal data under Article 15 GDPR. The CJEU held that when exercising their right of access under the GDPR, data subjects must be provided with the individual data recipients of their personal data.

Personal data 59

Personal data GDPR Access Privacy 59

IT Governance

APRIL 22, 2021

TikTok is again being accused of illegally processing children’s personal data. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data and failing to explain what it’s used for. TikTok has continually defended the way it processes children’s personal data.

Personal data 113

Personal data GDPR Privacy IT 113

Data Protection Report

FEBRUARY 1, 2021

On 29 January 2021, the Personal Data Protection Commission ( PDPC ) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments ) will take effect from 1 February 2021 – please see PDPC’s announcement here ; the gazetted Commencement Notification here.

Personal data 98

Personal data Data breaches Authentication IT 98

Data Breach Today

JUNE 12, 2018

HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems.

Personal data 113

Personal data Data breaches Access IT 113

DLA Piper Privacy Matters

JANUARY 20, 2022

The Austrian Data Protection Authority ( “DPA” ) has recently published its decision concerning the use of Google Analytics. The User’s consent for the data transfer was not obtained. Background of the decision The decision in question comes following a complaint by the NGO ‘My Privacy is None of Your Business’ (“ noyb ”).

Personal data 98

Personal data Analytics GDPR Encryption 98

Collibra

NOVEMBER 13, 2020

The General Data Protection Regulation (GDPR), in force since May 25, 2018, requires businesses to protect the personal data and privacy of European Union (EU) citizens, for transactions that occur within EU Member States. The GDPR also regulates the exportation of personal data outside the EU. Location data .

GDPR 59

GDPR Personal data Data Privacy Privacy 59

IT Governance

AUGUST 19, 2021

T-Mobile has said that it has been hit by a “highly sophisticated cyberattack” that compromised the personal data of more than 7.8 In a statement , it confirmed that the stolen data included US customers’ full names, dates of birth, Social Security numbers and ID information. million customers.

Data breaches 106

Data breaches Personal data Security Government 106

DLA Piper Privacy Matters

APRIL 11, 2022

Given these higher financial penalties, organisations collecting, using or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. of personal data); and. the Transfer Limitation Obligation (i.e.

Personal data 97

Personal data Cybersecurity Compliance Security 97

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Data breaches 95

Data breaches Personal data GDPR Data collection 95

Hunton Privacy

JANUARY 15, 2021

On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology (MeitY) (the “Committee”) issued a revised report on the Non-Personal Data Governance Framework (the “NPDF”) for India (the “Revised Committee Report”).

Personal data 69

Personal data Government Privacy Information Security 69

Hunton Privacy

MAY 14, 2020

Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. In addition, personal data may not be transferred to any unauthorized person or system.

Personal data 85

Personal data Data breaches Access Government 85