[Webinar] EHS in the Cannabis Industry: What Happens When the E stands for Enforcement?
On August 21, 2024, the second expert committee appointed under the Thai Personal Data Protection Act (PDPA) of 2019, issued an administrative fine to a major private company involved in online sales. The company allowed a...more
The Belgian Supreme Court ruled in a judgment of Oct. 7, 2021 that a data subject has the right to lodge a complaint with the Data Protection Authority against a processing practice that violates the GDPR (in this case, the...more
China's draft Personal Information Protection Law (PIPL) has just gone through the second reading and is now near final form and expected to be finalized very soon. Once promulgated, it will be the first comprehensive law on...more
To enhance protection of personal data protection, the Hong Kong government currently is considering to raise the level of fines for offences under the Personal Data (Privacy) Ordinance and exploring the feasibility of...more
You are an American company. While you sell product or otherwise interact with Europe, and thereby collect personal information about European residents, you have no assets or facilities on that continent. Nonetheless, you...more
On December 2, 2019, President Putin signed the law regarding the introduction of administrative fines for failure to comply with personal data localization requirements set by the Law on Personal Data since September 1,...more
On June 13, 2019 a bill of law entered Russian State Duma to introduce to the Code of Administrative Offense administrative fines for failure to comply with the requirements for localization of processing of personal data of...more
The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. Although the GDPR went into force on May 25, 2018, there continues to...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
Article 83 of the GDPR provides for two levels of administrative fines: a lower level – maximum of €10 million or 2% of the global turnover – for violations relating to record-keeping, data security, data protection impact...more
On September 9, 2015, the Federal Service for Supervision of Communications, Information Technology and Mass Communications (the “Roskomnadzor”) reported on its website that it blocked an extensive online database of more...more