Companies subject to India’s new data protection law should assess practical implications.
The Indian parliament enacted India’s first comprehensive data protection law on 11 August 2023, namely the Digital Personal Data...more
The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more
UK government sets out ambitious proposal for reforming the UK data protection landscape.
On 17 June 2022, the Department for Culture, Media and Sport (DCMS) published its response to its consultation “Data: a new...more
7/13/2022
/ Consultation ,
Data Protection ,
e-Privacy Directive ,
Electronic Communications ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Regulatory Agenda ,
UK ,
UK GDPR
The French Data Protection Authority’s white paper discusses how companies can comply with data privacy and security obligations.
The use of card, contactless, and innovative digital payment solutions has significantly...more
11/9/2021
/ Anti-Money Laundering ,
Bank Secrecy Act ,
CNIL ,
Consultation ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
European Central Bank ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Mobile Payments ,
Open Payments ,
Payment Systems ,
PCI-DSS Standard ,
Personal Data ,
Sensitive Personal Information ,
White Papers
Companies have three months to prepare to use the latest standard contractual clauses for new data transfers, and 18 months to migrate existing arrangements.
On 4 June 2021, the European Commission released its...more
6/28/2021
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
As the Brexit transition period draws to a close, businesses will need to consider their data protection efforts to comply with both UK and EU regimes.
The end of the Brexit transition period on 31 December 2020 will have...more
The European Commission has published draft updated standard contractual clauses in light of the Schrems II decision.
On 12 November 2020, the European Commission (the Commission) published a draft implementing decision,...more
12/8/2020
/ Data Controller ,
Data Processors ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
Personal Data ,
Public Consultations ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
The EDPB takes a strict approach in its recent guidance on international data transfers following Schrems II, posing a difficult challenge for businesses.
On 10 November, the European Data Protection Board (EDPB) released...more
A ruling by the EU’s top court invalidates the key mechanism for transferring personal data from the EU to the US and imposes additional conditions for use of the standard contractual clauses.
On 16 July 2020, the Court of...more