The Online Safety Act (the OSA) received Royal Assent on 26 October 2023 and is now in force.
The OSA establishes an extensive regulatory framework for providers of online user-to-user services and search services with...more
8/16/2024
/ Compliance ,
Compliance Dates ,
Digital Service Providers ,
Digital Services ,
Enforcement ,
New Legislation ,
OFCOM ,
Online Marketplace ,
Online Platforms ,
Online Safety for Children ,
Regulatory Requirements ,
Search Engines ,
Social Media ,
UK ,
User-Generated Content
Companies subject to India’s new data protection law should assess practical implications.
The Indian parliament enacted India’s first comprehensive data protection law on 11 August 2023, namely the Digital Personal Data...more
Artificial Intelligence has the potential to be the next transformational technology, and as adoption of AI-powered tools continues to increase, deal activity in the AI space will follow. Regulators and law makers are...more
Organisations must provide individuals with information on the specific recipients of their data upon request.
The Court of Justice of the European Union (CJEU) has ruled that organisations must generally disclose the...more
The CJEU’s final ruling could subject companies to direct GDPR enforcement by DPAs notwithstanding national procedural rules, but may rule against strict liability under the GDPR.
On 27 April 2023 Advocate General of the...more
The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more
Organisations should expect increased scrutiny and enforcement activity around the role of data protection officers in the coming year.
The European Data Protection Board (EDPB) has announced that its coordinated...more
3/27/2023
/ Court of Justice of the European Union (CJEU) ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Harmonization ,
Personal Data
The Digital Services Act (DSA) is a key part of the European Union’s (EU) digital regulation strategy, which seeks to modernise legal frameworks and create a safer and more open digital environment.
The DSA entered into...more
The directives aim to assist claimants in proving the causation of damages and product defectiveness in complex AI systems, creating legal certainty for providers.
On 28 September 2022, the European Commission issued two...more
Navigating evolving digital economy regulation requires a sophisticated and proactive approach from dealmakers.
Amid the ongoing global proliferation of regulation governing the digital economy, EU and UK legislators are...more
The Information Commissioner’s Office published draft guidance on privacy enhancing technologies that can be used to comply with privacy-by-design requirements.
On 7 September 2022, the Information Commissioner’s Office...more
Last year, the UK Department of Digital, Culture, Media and Sport (DCMS) published its 10- year National AI Strategy for the regulation and promotion of artificial intelligence (AI) in the UK (Report). DCMS seeks to build...more
9/26/2022
/ Artificial Intelligence ,
Copyright ,
Cybersecurity ,
Defense Sector ,
Ethics ,
Health and Safety ,
Information Commissioner's Office (ICO) ,
Intellectual Property Protection ,
Patents ,
Regulatory Oversight ,
Risk Management ,
Strategic Planning ,
UK ,
White Papers
A year on from the national implementation deadline of the Directive on copyright in the Digital Single Market, the CJEU has upheld controversial Article 17.
In September 2016, the European Commission announced its...more
Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role.
The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more
8/19/2022
/ Anonymization ,
Compliance ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Security ,
Electronic Communications ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Personal Data ,
Proposed Legislation ,
UK ,
UK Data Protection Act
The bill would largely build on the UK data protection regime’s EU GDPR-style framework, albeit with UK-specific provisions.
The UK government introduced the Data Protection and Digital Information Bill (the Bill) to...more
UK government sets out ambitious proposal for reforming the UK data protection landscape.
On 17 June 2022, the Department for Culture, Media and Sport (DCMS) published its response to its consultation “Data: a new...more
7/13/2022
/ Consultation ,
Data Protection ,
e-Privacy Directive ,
Electronic Communications ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Regulatory Agenda ,
UK ,
UK GDPR
The Advocate General argues that organisations should provide individuals with information on the specific recipients of their personal data.
Advocate General Giovanni Pitruzzella (AG) of the Court of Justice of the...more
The EDPB sets out relevant steps and factors that EU supervisory authorities should consider when calculating administrative fines under the GDPR.
On 16 May 2022, the European Data Protection Board (EDPB) adopted draft...more
6/1/2022
/ Data Controller ,
Data Processors ,
Data Protection ,
Draft Guidance ,
European Data Protection Board (EDPB) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Infringement ,
Personal Data ,
Statutory Penalties ,
Trademark Infringement
The French Data Protection Authority’s white paper discusses how companies can comply with data privacy and security obligations.
The use of card, contactless, and innovative digital payment solutions has significantly...more
11/9/2021
/ Anti-Money Laundering ,
Bank Secrecy Act ,
CNIL ,
Consultation ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Central Bank ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Mobile Payments ,
Open Payments ,
Payment Systems ,
PCI-DSS Standard ,
Personal Data ,
Sensitive Personal Information ,
White Papers
Recent developments at the CJEU give some shape to the practical implications of Article 17 of the Copyright Directive.
7 June 2021 was the implementation deadline for the Copyright in the Digital Single Market Directive...more
The proposals includes fines for non-compliance of up to the greater of £18 million or 10% of a provider’s annual global revenue.
On 12 May 2021, the UK government published the Online Safety Bill (the Bill), which aims...more
6/28/2021
/ Digital Service Providers ,
Digital Services ,
Duty of Care ,
EU ,
New Legislation ,
OFCOM ,
Online Marketplace ,
Online Platforms ,
Proposed Legislation ,
Regulatory Requirements ,
Search Engines ,
Social Media ,
UK ,
User-Generated Content
Companies have three months to prepare to use the latest standard contractual clauses for new data transfers, and 18 months to migrate existing arrangements.
On 4 June 2021, the European Commission released its...more
6/28/2021
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
Beyond creative works and consumer products, NFTs open up new avenues for IP monetisation in the technology, life sciences, and pharmaceutical industries.
Non-fungible tokens (NFTs), one-of-a-kind cryptoassets stored on...more
6/25/2021
/ Anti-Money Laundering ,
Blockchain ,
Cryptoassets ,
Cryptocurrency ,
Digital Assets ,
EU ,
Know Your Customers ,
Life Sciences ,
MiFID ,
Non-Fungible Tokens (NFTs) ,
Technology Sector ,
Token Sales ,
UK
Die Datenschutzorganisation noyb droht mit über 10.000 Beschwerden wegen möglicher rechtswidriger Verwendung von Cookies.
Am 31. Mai 2021 startete die Datenschutzorganisation noyb (die Abkürzung steht für „none of your...more
The privacy organisation noyb will file more than 10,000 complaints for use of cookies contrary to its interpretation of compliance.
On 31 May 2021, the nonprofit privacy organisation noyb (short for “none of your...more