Data Protection Authority, Personal Data, Regulatory Requirements

CHINA: DPOs Must Be Registered Before 29 August 2025

DLA Piper on 7/21/2025

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

Alston & Bird on 3/21/2025

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more

Don’t Forget the EU: Italy Issued First GenAI Fine of €15 Million Alleging GDPR Violations

Sheppard Mullin Richter & Hampton LLP on 1/29/2025

At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more

VIETNAM, MALAYSIA AND INDONESIA: What You Need to Know About the New SE Asia Data Protection Laws

DLA Piper on 11/7/2024

It’s the turn of South-East Asian countries to update their data protection laws. Here is our summary of the proposed new data protection laws in Vietnam, Malaysia and Indonesia. Organisations are advised to update their data...more

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on 10/21/2024

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

Analysing the CNIL’s Latest Recommendations for AI Systems

BCLP on 6/28/2024

Following the very recent adoption of the EU Regulation on AI (the AI Regulation) the CNIL (the French data regulator) has issued the second in its series of recommendations for the development of privacy-friendly AI models....more

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on 2/29/2024

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

The Future of Privacy Regulation

WilmerHale on 4/22/2022

U.S. privacy law is undergoing dramatic change on an accelerating pace. New laws across the country address specific industries, certain kinds of data, and various concerning practices. There is international pressure to...more

The Spanish DPA's new take on cookies: back to express consent

Hogan Lovells on 7/31/2020

Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more

The Belgian Data Protection Authority Publishes Recommendation Concerning Data Processing for Direct Marketing Purposes

Hogan Lovells on 3/6/2020

On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more

New PDPC guidelines on cloud services, data intermediaries, and access requests

Hogan Lovells on 12/2/2019

As the issues surrounding data protection become increasingly complex, in recent years the advisory guidelines (Guidelines) issued by the Personal Data Protection Commission of Singapore (PDPC) have been invaluable in guiding...more

Data Protection Authority › Personal Data › Regulatory Requirements

"My best business intelligence, in one easy email…"