In this episode of our Ukraine Crisis video series, Amy Jacks (Restructuring partner, London) asks Rajesh De (Global Head of Cybersecurity & Data Privacy, and member of the firm’s global Management Committee) ten key questions on cybersecurity.

Raj discusses how recent hostilities in Ukraine have contributed to the increase in the scope, scale and severity of the cyber threat, and predicts that the longer the conflict continues, the more likely we are to see cyber attacks used as a tactic.

The series focuses on the fast-evolving crisis in Ukraine with each episode concentrating on specific points of discussion. It provides clients with a quick and easy way to stay on top of the rapidly developing situation and provides them with insights that will allow them to assess the impact of significant developments on their business and manage those risks.

View the video.

The Brazilian Data Protection Authority (ANPD) has issued important guidance covering a variety of privacy aspects including security measures, determining controller and processor capacities, and how the ANPD administrative process will be applied to investigating companies and imposing penalties.

Continue reading.

The UK Government has published its response to the consultation on its proposed reform of the UK’s data protection regime (which we have provided further information on in our previous legal update available here.) Whilst the UK Government has proposed several incremental reforms to the UK’s data protection laws that will diverge from the standards set under the European General Data Protection Regulation (“EU GDPR”), the proposals fall short of the extensive reform, or replacement, of UK GDPR previously considered.

Continue reading.

On Monday, Provisional Measure No. 1,124 was published, amending Law No. 13,709 of 2018—the Brazilian General Personal Data Protection Law (LGPD)—which brings significant changes to the configuration of the Brazilian National Data Protection Authority (ANPD).

Continue reading.

On 25 May 2022, the European Commission published Questions and Answers for the New  Standard Contractual Clauses to provide practical guidance on the use of standard contractual clauses (SCCs) and help organisations with their General Data Protection Regulation (GDPR) compliance efforts. The Commission confirmed that the Q&A document will be regularly updated.

Continue reading.

On May 26, 2022, the US Department of Commerce’s Bureau of Industry and Security (“BIS”) published a final rule revising the restrictions on the export, reexport and transfer (in-country) of certain “cybersecurity items” used for malicious cyber activities (“final rule”). Effective immediately upon publication, the final rule amends the October 21, 2021, interim final rule that went into effect on March 7, 2022. This Legal Update provides further detail.

Continue reading.

On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued a Guidance Note on the Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data (2022 Guidance).

The 2022 Guidance is split into three “parts”:

  1. Part 1 is an introduction of the 2022 Guidance and the rationale underpinning it;
  2. Part 2 is an explanation on the use of the Recommended Model Contractual Clauses; and
  3. Part 3 is the Schedule which sets out the recommended model clauses.

Continue reading.

On May 19, 2022, the Federal Trade Commission (FTC) unanimously approved a policy statement on education technology (EdTech) and the Children’s Online Privacy Protection Act (COPPA). Characterized as part of a larger effort to “crack down on companies that illegally surveil children learning online,” the policy statement itself merely highlights pre-existing obligations under COPPA for companies that knowingly process children’s data to minimize the data collected and to employ appropriate security to protect that data.

Continue reading.

On May 11, 2022, the Senate confirmed President Biden’s appointment of Alvaro Bedoya to fill the vacant Democratic seat on the Federal Trade Commission (FTC). Commissioner Bedoya’s confirmation gives the Democratic commissioners a voting majority on the Commission, and we expect the FTC will pursue actions previewed by Chair Lina Khan. In this Legal Update, we highlight the major areas where Commissioner Bedoya’s presence will likely make an immediate impact, including in privacy rulemaking.

Continue reading.