On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more
On January 23, 2025, Mrs Justice Collins Rice of the UK High Court issued a ruling in the case of RTM v Bonne Terre Limited and Hestview Limited (trading as Sky Betting and Gaming, (SBG)). The claim - The judgment...more
On September 7, 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) issued the Implementing Regulations of the Personal Data Protection Law (the Implementing Regulations) and the Regulations on Personal...more
The amendment proposes business-friendly changes regarding data localization and legitimate interests. On November 20, 2022, the Saudi Data and AI Authority (SDAIA) published an amended version of the Kingdom of Saudi...more
The Information Commissioner's Office (ICO) has published new guidance on direct marketing using electronic mail and live calls, aimed at providing a more detailed overview of the rules on direct marketing as well as...more
On 21 September 2022, the Indian Ministry of Communications published a draft Telecommunication Bill 2022 for consultation (the Bill). In addition to licensing and regulatory issues, the Bill also addresses direct marketing...more
On 10 February 2021, the Council of the European Union (Council) agreed its negotiating mandate for the proposed Regulation on Privacy and Electronic Communications (ePR), which will replace the current ePrivacy Directive...more
Recent M&A deals the teams have worked on involving insolvent corporates have highlighted the challenges which exist around the transfer of customer lists and databases, which are often a significant asset for the buyer. ...more
On April 30, 2020, the French data protection authority, the CNIL, published a guidance surrounding considerations behind what it calls “commercial prospecting,” meaning scraping publicly available website data to obtain...more
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more
Every day, direct marketing communications are addressed to billions of people who are targeted as a result of the processing of their personal data. Against this background, the Belgian Data Protection Authority (the...more
The Dutch Data Protection Authority has written to the Dutch Banking Association to state that processing customers' transaction data for direct marketing purposes may not be in compliance with the General Data Protection...more
In the wake of a recent announcement by a major Dutch bank that it would start providing its customers with personalized advertisements based on their spending patterns, the Dutch Data Protection Authority (DPA) has sent a...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
The DIFC guidelines provide practical guidance for DIFC-registered entities engaging in electronic direct marketing, including useful “dos” and “don’ts”. What Do DIFC-Registered Entities Need to Know? In January 2019,...more
In November, the German Data Protection Conference (committee of the independent German federal and state data protection supervisory authorities) (“DSK”) published a guidance on the processing of personal data for direct...more
The European Union’s General Data Protection Regulation (“GDPR”) is arguably the most comprehensive – and complex – data privacy regulation in the world. As companies prepare for the GDPR to go into force on May 25, 2018,...more
One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent. For many years, companies operating in...more
Data brokers are organisations that obtain data from a variety of sources and then sell or license it to third parties. Many trade in personal data, which is purchased by their customers for several purposes, most commonly to...more
The European Commission has released proposals for new legislation that seeks to create stronger privacy in electronic communications. The draft Privacy and Electronic Communications Regulation (the “Regulation”) is intended...more
January 10, 2017 marked another important step towards reform of the EU data protection framework, with the release of the EU Commission’s proposals for a new Regulation governing privacy and electronic communications. ...more