E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Are you responsible for privacy compliance at your company? Sharpen your pencils and grab your highlighters for this three-part series on critical privacy laws, DPOs and privacy officers (and when you should appoint one), and...more
Singapore Personal Data Protection Commission (PDPC) has published a guide on data protection in the blockchain. Some key points: Permissionless blockchain: •Any personal data published in-clear is a form of public...more
Recent weeks have seen a flurry of activity in China’s regulation of international data transfers. Three principal data laws, the Cyber Security Law (“CSL”), the Data Security Law (“DSL”) and the Personal Information...more
Since the General Data Protection Regulation (GDPR) was enacted a little over 3 years ago in May 2018, many organizations that collect personal data of individuals in the European Union (EU) have enhanced their data privacy...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Efforts to Delay the LGPD Fail - As noted by our firm earlier this spring, Brazilian authorities have considered delaying the General Personal Data Protection Law’s (“Lei Geral de Proteção de Dados” or “LGPD”) effective...more
Even though the General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, its application to U.S.-based employers continues to evolve and increase in complexity. For U.S. employers of European Union (“EU”)...more
Foreword - European data protection laws have made significant strides in the last two decades. Privacy and data protection laws have undergone dramatic changes over the last 20 years, in a race to keep up with technology....more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
Overview of key issues - The GDPR raises a number of key issues that organisations should consider, including the following...more
With a “No Deal” Brexit seeming more likely than ever after the UK Parliament voted down a proposed deal in January 2019, concerns are rapidly multiplying about the effects of such a withdrawal from the EU for organizations...more
On July 10, 2018, the Brazilian Federal Senate approved a General Data Protection Regulation (“Lei Geral de Proteção de Dados” or “LGPD”). The bill, was largely inspired by the European General Data Protection Regulation...more
In this month's edition of our Privacy & Cybersecurity Update, we examine a declaration on ethical considerations for artificial intelligence, the annual joint review of the Privacy Shield, a new lawsuit from a snack food...more
As organizations continue to grapple with the requirements of the EU General Data Protection Regulation (GDPR) even months after its effective date, one thing is clear: The impact of the regulation extends far beyond an...more
The Development: Brazilian President Michel Temer enacted the Brazilian General Data Protection Law on August 14, 2018. The Purpose: The newly enacted General Data Protection Law is intended to regulate the treatment of...more
Throughout history, people have waged sectarian fights to protect their beliefs. The Europeans, sitting at a crossroads of two major religions charged with converting the unenlightened, have a particularly combative past. ...more
Shortly after the GDPR’s entry into application on May 25, 2018, several EU Supervisory Authorities have activated online Data Protection Officer (“DPO”) notification tools, allowing organizations to communicate the contact...more
This Friday is the deadline for General Data Protection Regulation (“GDPR”), yet many companies are still in the process of planning for compliance. Companies not able to meet the deadline may want to consider,...more
In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the ?rst NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by...more
Editor’s Note: Strictly speaking, this blog post isn’t really about human resources management or employment law. But it might be; the GDPR is vaguely written and it is not at all clear how it will be applied in relation to...more
On May 25, 2018, the General Data Protection Regulation (GDPR) goes into effect. Are you ready? Who’s affected? Organizations, anywhere in the world, that process the personal data of European Union (EU) residents...more