Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. The deadline for responding to the consultation is 19 November 2021. Core elements of the GDPR: legal bases / conditions.

Government 120

Government FOIA GDPR Compliance 120

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

The government has today published its eagerly awaited Consultation Paper on Reforms to the UK Data Protection Regime – ‘Data: A New Direction’ (“ Consultation Paper ”), setting out the specific areas for regulatory reform of the UK’s data protection regime.

Government 104

Government Paper Personal data GDPR 104

Data Matters

OCTOBER 21, 2021

On 22 September 2021, the UK Government (the “ Government ”) published its Artificial Intelligence (“ AI ”) strategy. The paper outlines the Government’s plan to make Britain a “global superpower” in the AI arena, and sets out an agenda to build the most “pro-innovation regulatory environment in the world”.

Artificial Intelligence 166

Artificial Intelligence Government Paper IT 166

erwin

JANUARY 7, 2021

Our predictions for 2021 are rooted in what we’ve learned from the past year and the relevance of data in getting us to where we are and where we need to go. Historically, moving legacy data to the cloud hasn’t been easy or fast. However, that definition is too narrow in terms of AI’s relation to data governance.

Metadata 98

Metadata Government Compliance Artificial Intelligence 98

IT Governance

MARCH 17, 2022

million) for twelve breaches of EU data protection rules. The tech giant, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements, and more than 30 million people have been affected. Facebook’s failure to adopt these measures doesn’t necessarily mean that personal data was breached.

GDPR 93

GDPR Personal data Encryption Compliance 93

Hunton Privacy

JANUARY 24, 2022

The Austrian data protection authority (the “Austrian DPA”) recently published a decision in a case brought against an Austrian website provider and Google by the non-governmental organization co-founded by privacy activist Max Schrems, None of Your Business (“NOYB”). Background. intelligence agencies under U.S. intelligence agencies.

Analytics 83

Analytics GDPR Personal data Data collection 83

IT Governance

JANUARY 10, 2022

For many, 2021 was a year to forget. The cyber security landscape offered similarly familiar topics: there were huge data breaches at Facebook and LinkedIn, while the threat of ransomware reached catastrophic levels. 2021 got off to an inauspicious start when cyber security researchers reported a huge leak of Brazilian residents’ data.

Security 107

Security Data breaches Ransomware Phishing 107

IT Governance

JANUARY 27, 2021

As organisations become increasingly reliant on the use of personal data, the risks they face grow exponentially. Here are our five key data privacy trends for this year. Another big concern for organisations operating in the UK and the EU is how to transfer personal data between the UK and the EU.

Privacy 96

Privacy GDPR Data Privacy Personal data 96

Hunton Privacy

DECEMBER 16, 2021

On December 6, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP published a white paper on “ Bridging the DMA and the GDPR – Comments by the Centre for Information Policy Leadership on the Data Protection Implications of the Draft Digital Markets Act ” (the “White Paper”).

Paper 111

Paper GDPR Marketing Compliance 111

DLA Piper Privacy Matters

SEPTEMBER 15, 2021

By the end of the 2018, the Spanish Parliament belatedly completed the framework provided by EU’s GDPR approving a new Data Protection Act. All this local gold-plating may have now been blown-out by a decision of the Spanish Supreme Court dated 14 September 2021. It could have stopped there.

GDPR 130

GDPR Privacy Government Personal data 130

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

On 2 September 2021, the Data Protection Commission (DPC) announced it has imposed a €225 million administrative fine against WhatsApp Ireland Limited , as well as a reprimand and an order to bring its processing into compliance. This is the highest GDPR fine ever issued by the DPC, and the second highest by any EU regulator to date.

GDPR 105

GDPR Personal data Communications e-Delivery 105

DLA Piper Privacy Matters

NOVEMBER 24, 2021

On 19 November, the European Data Protection Board (‘ EDPB ‘) published, its draft Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“ Guidelines ”). This controller or processor (i.e. This controller or processor (i.e.

GDPR 104

GDPR Personal data Access Risk 104

Hunton Privacy

DECEMBER 28, 2020

For data protection purposes, there is a further transition period of up to six months to enable the European Commission to complete its adequacy assessment of the UK’s data protection laws. For the time being, personal data can continue to be exported from the EU to the UK without implementing additional safeguards.

Personal data 131

Personal data IT GDPR Privacy 131

Data Matters

SEPTEMBER 23, 2021

On August 20, 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL), which will become effective starting November 1, 2021. As an overarching law in China with respect to data privacy, PIPL shares many similarities with the EU General Data Protection Regulation (GDPR).

Data Privacy 94

Data Privacy Compliance Privacy Personal data 94

Data Matters

AUGUST 23, 2021

On 11 August 2020, the UK Information Commissioner’s Office ( ICO ) launched a public consultation on its draft international data transfer agreement and guidance ( Consultation ). Moreover, the ICO has not yet formally acknowledged the EU SCCs, i.e. , as a valid data transfer mechanism under the UK GDPR.

GDPR 148

GDPR Risk Personal data IT 148

Hunton Privacy

SEPTEMBER 15, 2021

On September 10, 2021, the UK Government Department for Digital, Culture, Media & Sport (“DCMS”) launched a consultation on its proposed reforms to the UK data protection regime. Organizations are encouraged to provide input on a range of data protection proposals, some of which are outlined below.

GDPR 109

GDPR Personal data Risk Communications 109

Data Matters

OCTOBER 22, 2021

On September 21, 2021, Sidley partners Alan Raul and William Long engaged in a fireside chat with Elizabeth Denham and Claudia Berg of the United Kingdom (UK) Information Commissioner’s Office (ICO). Elizabeth Denham is due to end her five-year tenure as UK Information Commissioner on October 31, 2021.

Government 86

Government Risk Artificial Intelligence Data breaches 86

Hunton Privacy

JANUARY 6, 2022

reports that on December 16, 2021, the Indian Joint Parliamentary Committee (the “JPC”) submitted its report on India’s draft Data Protection Bill (the “Bill”). Many of the proposed changes to the Bill in the revised draft relate to the powers of the government and issues to be considered by the DPA in making its decisions.

Personal data 129

Personal data Data breaches Government GDPR 129

DLA Piper Privacy Matters

JANUARY 28, 2022

On behalf of DLA Piper’s Global Data Protection team, we would like to wish you a happy International Data Protection Day 2022. Data Protection Laws of the World. To celebrate International Data Protection Day, we are delighted to launch our annual update to the Data Protection Laws of the World guide.

GDPR 98

GDPR Privacy Data breaches Personal data 98

Hunton Privacy

SEPTEMBER 7, 2021

The guidance, for example, assists companies in determining whether the EU General Data Protection Regulation (“GDPR”) and/or Swiss data protection law should govern the data transfers. The Swiss DPA also published a guidance document to help companies make the necessary amendments and adaptations to the SCCs.

GDPR 109

GDPR Personal data Government 109

Thales Cloud Protection & Licensing

MARCH 1, 2021

Data Beyond Borders: The Schrems II Aftermath. Tue, 03/02/2021 - 07:06. On July 16, 2020 the Court of Justice of the European Union issued the Schrems II decision in the case Data Protection Commission v. companies rely to conduct trans-Atlantic trade in compliance with EU data protection rules. Facebook Ireland.

GDPR 142

GDPR Compliance Privacy Cloud 142

Security Affairs

JUNE 1, 2021

In today’s world, information and data means money and the people that are stealing the information have now reached new levels of sophistication. Interestingly, close to a half of all affected victims by Prometheus – paid ransom payment or their data has been sold to other parties interested in it. prometheushelp@airmail.cc

Sales 88

Sales Ransomware Government GDPR 88

eSecurity Planet

DECEMBER 1, 2021

Businesses that have spent the past three-plus years adapting to the European Union’s far-reaching data privacy law now have to decide how they will respond to a similar law in China that has been criticized as being more vague in its wording and harsher in its penalties. Spread of Data Privacy Laws. Responsibilities and Penalties.

Data Privacy 131

Data Privacy Privacy GDPR Data collection 131

CILIP

NOVEMBER 16, 2021

Will reforms take the DP out of GDPR? A look at changes to data protection as the Government proposes a new risk management approach. The Government has published a consultation on reforms to data protection laws designed ?to to break down barriers to innovative and responsible uses of data so it can boost growth?

GDPR 52

GDPR Personal data Government Risk 52

IT Governance

MARCH 24, 2022

That figure might not come as a surprise, given the growing awareness of data privacy. There are regular news stories of data breaches, while the GDPR (General Data Protection Regulation) has changed the way organisations handle personal data. million accounts belonging to Brits were compromised in 2021.

Data Privacy 96

Data Privacy Privacy Data breaches GDPR 96

Security Affairs

SEPTEMBER 26, 2023

Data lineage is the visualization and tracking of data as it moves through various stages of its lifecycle. In an age where data drives decisions and fuels innovation, understanding the journey of data from its inception to its final destination is paramount. Data lineage provides this understanding.

Compliance 110

Compliance Encryption Access Cybersecurity 110

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. In 2021, 93% of the UK's services exports were data-enabled, resulting in over £79 billion worth of services exported to the US.

Personal data 62

Personal data Data Privacy Privacy GDPR 62

Data Matters

FEBRUARY 4, 2022

On 28 January 2022, the UK Government Department for Digital, Culture, Media & Sport ( DCMS ) laid before the UK Parliament its International Data Transfer Agreement ( IDTA ) and International Data Transfer Addendum ( UK Addendum ) to the European Commission’s Standard Contractual Clauses ( EU SCCs ). Key takeaways.

GDPR 117

GDPR Personal data IT Compliance 117

Hunton Privacy

AUGUST 20, 2021

On August 20, 2021, China’s 13 th Standing Committee of the National People’s Congress passed the Personal Information Protection Law (the “PIPL”). As we previously reported , the PIPL is China’s first comprehensive data protection law. The PIPL will become effective on November 1, 2021. Application of the PIPL.

GDPR 111

GDPR Government Access Security 111

DLA Piper Privacy Matters

JANUARY 4, 2023

On 19 December 2022 the UK government’s first data adequacy decision of the post-Brexit era came into effect. Under the Data Protection (Adequacy) (Republic of Korea) Regulations 2022, the UK formally determined that the Republic of Korea provides an adequate level of data protection for the purposes of the UK GDPR.

GDPR 52

GDPR Personal data Privacy Data Privacy 52

DLA Piper Privacy Matters

FEBRUARY 23, 2022

The European Commission today presented its second instrument in the European Data Strategy; a “Regulation on harmonised rules on fair access to and use of data”, better known as the Data Act. In the proposal, “data” is broadly defined and contains both personal and non-personal data.

GDPR 97

GDPR Personal data IoT Access 97

DLA Piper Privacy Matters

NOVEMBER 29, 2021

On 16 November 2021, the French data protection supervisory authority (the “CNIL”) published a practical guide (“Guide”) on Data Protection Officers (“DPOs”). The DPO is responsible for the monitoring of the organization’s compliance with the GDPR. Be the point of contact on GDPR issues.

GDPR 116

GDPR Compliance Personal data Communications 116

Data Matters

JUNE 18, 2021

The European Commission has formally launched its legislative initiative aimed at increasing access to and further use of data, so that more public and private actors can benefit from technologies such as Big Data and machine learning. Data Act ‘Inception Impact Assessment’ – invitation to comment.

IT 72

IT Cloud Big data Personal data 72

Hunton Privacy

JANUARY 13, 2022

On December 31, 2021, the French Data Protection Authority (the “CNIL”) imposed a €150,000,000 fine on Google and a €60,000,000 fine on Facebook (now Meta) for violations of French rules on the use of cookies. Background. CNIL’s Decisions and Sanctions.

GDPR 105

GDPR Privacy Government IT 105

DLA Piper Privacy Matters

JUNE 28, 2021

Today, the European Commission has adopted two adequacy decisions for transfers of personal data to the United Kingdom, one under the General Data Protection Regulation (“ GDPR ”) and the other for the Law Enforcement Directive (“ LED ”). This will be welcomed by the UK Government. Key points to note.

GDPR 116

GDPR Personal data Government Access 116

IT Governance

APRIL 22, 2021

TikTok is again being accused of illegally processing children’s personal data. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data and failing to explain what it’s used for. TikTok has continually defended the way it processes children’s personal data.

Personal data 115

Personal data IT GDPR Privacy 115

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. In recent years, costly breaches and evolving data security concerns have bubbled up to a board level agenda item.

Data Privacy 118

Data Privacy Privacy Security Encryption 118