On September 12, 2023, the UK Information Commissioner, John Edwards, and the Chief Executive of the National Cyber Security Centre (NCSC) of the UK, Lindy Cameron, signed a joint Memorandum of Understanding (MoU) that sets forth a framework for cooperation and information sharing between the ICO and the NCSC.
Continue Reading ICO and NCSC Sign Joint Memorandum of Understanding for Information Sharing

Stephen Mathias from Kochhar & Co. reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. The Act was ratified by the President of India and will come into effect once notified by the Government. The Act significantly updates a previous draft, and departs substantially from the GDPR model of privacy laws.

Continue Reading India Passes Digital Personal Data Protection Act

On July 19, 2023, the European Data Protection Board issued an Information Note regarding data transfers to the U.S. following the adoption of an adequacy decision on the EU-U.S. Data Privacy Framework on July 10, 2023.
Continue Reading European Data Protection Board Issues Information Note on Data Transfers under the Data Privacy Framework

On July 14, 2023, the Norwegian Data Protection Authority ordered Meta Platforms Ireland Limited and Facebook Norway AS to temporarily cease the processing of personal data of data subjects in Norway for the purpose of targeting ads on the basis of “observed behavior” when relying on the contractual necessity legal basis or the legitimate interests legal basis of the GDPR.
Continue Reading Norwegian DPA Adopts Measures Regarding Meta’s Behavioral Advertising Activities

Pablo A. Palazzi from Allende & Brea in Argentina reports that on June 30, 2023, the Argentine Executive Branch sent the new Personal Data Protection Bill to the National Congress. The Bill was drafted by the Argentine Data Protection Authority and seeks to amend the current Personal Data Protection Act (Law No. 25,326 of 2000).
Continue Reading Argentina Personal Data Protection Bill Sent to Congress