Podcast - Operationalizing Data Protection: Build Trust, Not Just Compliance
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
Malaysia’s Personal Data Protection Commissioner (“PDPC”) has recently issued three new guidelines clarifying key concepts under the Personal Data Protection Act 2010 (“PDPA”), covering: • Data Protection Impact...more
Legal Break - What’s new in the Digital Omnibus? In this episode of Legal Break, Alessandro Ferrari from DLA Piper takes a closer look at the Digital Omnibus and the main changes and simplification measures it...more
China is closing out 2025 with significant steps to reinforce its data protection and cybersecurity regime. In the past month, Chinese regulators have unveiled multiple key draft regulations for public comments....more
At long last, on November 13, 2025, India’s Ministry of Electronics and Information Technology (MeitY) released the Digital Personal Data Protection Rules (Rules), which operationalize the Digital Personal Data Protection...more
After legal review following the expected notification date at the end of September, India's government has notified the Digital Personal Data Protection Rules, 2025 ("Final Rules") under the Digital Personal Data Protection...more
In Israel, it has long been established that employees have a legitimate expectation of privacy in the workplace. Effective as of 14 August 2025, a new amendment (‘Amendment 13’) to the Protection of Privacy Law introduces a...more
In the newest episode of his "Two Byte Conversations" podcast, Data Strategy, Security & Privacy attorney Kevin Angle is joined by privacy officer Aaron Mendelsohn to discuss the ins and outs of building a privacy program and...more
On 18 July 2025, China’s Cyberspace Administration (CAC) officially launched its online portal (Portal) for registration of China Data Protection Officers (China DPO). This operationalizes the requirements under Article 52 of...more
Vietnam's data privacy landscape is undergoing a significant transformation with the recent enactment of the Law on Personal Data Protection (PDP Law), effective from 1 January 2026. This new law marks a pivotal step in...more
Thailand's Personal Data Protection Committee (“PDPC”) has significantly intensified its enforcement of Thailand's Personal Data Protection Act B.E. 2562 (2019) (“PDPA”), announcing on 1 August 2025 eight new administrative...more
On 30 July 2025, the Indonesian Constitutional Court (“Court”) issued a landmark ruling, Decision No. 151/PUU-XXII/2024 (“Decision 151”), which significantly broadens the scope of mandatory Data Protection Officer (“DPO”)...more
The Italian Data Protection Authority’s recent decision provided guidance on the true meaning of personal data anonymization and the crucial distinction between the DPO as a monitor – not an executor. In a world driven by AI...more
On 20 March 2025, the Nigeria Data Protection Commission (Commission), issued the General Application and Implementation Directive (GAID). The GAID serves as a regulatory framework for implementing the Nigeria Data...more
A labour court in Brussels has issued one of the first published rulings on the question of whether Data Protection Officers are entitled to compensation if they are fired for performing their duties....more
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
In 2024, Israel became the latest jurisdiction to enact comprehensive privacy legislation, largely inspired by the EU’s General Data Protection Regulation (“GDPR”). On August 5, 2024, Israel’s parliament, the Knesset, voted...more
On August 21, 2024, the second expert committee appointed under the Thai Personal Data Protection Act (PDPA) of 2019, issued an administrative fine to a major private company involved in online sales. The company allowed a...more
The Brazilian Data Protection Authority (ANPD) has published its new regulation on the Data Protection Officer’s (DPO) role. A central figure in privacy governance, the DPO serves as the liaison between the data controller,...more
The Kingdom of Saudi Arabia (KSA or Kingdom) is a sovereign state located in the Middle East between the Red Sea and the Arabian Gulf (sometimes referred to as the Persian Gulf) and is one of the member states of the Gulf...more
Learning Objectives: - Explain the evolution of state data protection laws over the past year - Explore the focus on protecting health consumers - Describe practical approaches on how to build a privacy program when...more
Are you responsible for privacy compliance at your company? Sharpen your pencils and grab your highlighters for this three-part series on critical privacy laws, DPOs and privacy officers (and when you should appoint one), and...more
Introduction - We have compiled the main differences between the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing...more