Data Protection Authority

Companies that rely on standard contractual clauses for transferring personal data from the United Kingdom to jurisdictions not considered to offer an adequate level of data protection under the UK General Data Protection Regulation can no longer use the old EU standard contractual clauses in new contracts as of today, Wednesday 21 September 2022.

The Brazilian Data Protection Authority (ANPD) has issued important guidance covering a variety of privacy aspects including security measures, determining controller and processor capacities, and how the ANPD administrative process will be applied to investigating companies and imposing penalties.

Continue reading.

The UK Government has published its response to the consultation on its proposed reform of the UK’s data protection regime (which we have provided further information on in our previous legal update available here.) Whilst the UK Government has proposed several incremental reforms to the UK’s data protection laws that will diverge from the

On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued a Guidance Note on the Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data (2022 Guidance).

The 2022 Guidance is split into three “parts”:

  1. Part 1 is an introduction of the 2022 Guidance and the rationale underpinning it;
  2. Part 2

In line with the government’s commitments in its 2022 National Cyber Strategy, the Department for Digital, Culture, Media & Sport (DCMS) launched a consultation on 19 January 2022 outlining its proposals for new measures to strengthen the cyber security of businesses in the UK.

The UK government acknowledges that a new legal framework needs

The UK Online Safety Bill was proposed by the UK government to establish a new regulatory framework to tackle harmful content online and usher in a new age of accountability for tech companies. The bill will impose a duty of care on companies that offer user-generated content, in addition to search engines, to protect users

In August 2021, the ICO launched a consultation on replacing the use of the old EU based standard contractual clauses for international transfers of personal data outside of the UK (“Old SCCs“) with new transfer tools to reflect the post-Brexit environment. Following the end of that consultation, the Department for Culture, Media and