On November 6, 2020, Hunton attorneys Dora Luo and Yanchen Wang published a new Guidance Note for OneTrust DataGuidance on China’s data protection laws. The Guidance Note examines recent changes to China’s emerging cybersecurity and personal information protection framework.
Continue Reading Hunton Attorneys Publish Guidance Note on Changes to China’s Data Protection Laws

On December 10, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the European Commission’s invitation for comments on its draft implementing decision on standard contractual clauses between controllers and processors for purposes of Article 28 of the GDPR.
Continue Reading CIPL Submits Response to European Commission’s Article 28 Standard Contractual Clauses

Sweet & Maxwell published the fifth edition of Data Protection Law and Practice written by Hunton’s Rosemary Jay. The latest edition provides a comprehensive and thorough review of the current state of data protection law in the UK, along with the background to the law.
Continue Reading Sweet & Maxwell Publishes the Fifth Edition of Data Protection Law and Practice Written by Rosemary Jay

On December 10, 2020, the French Data Protection Authority announced that it has levied fines on Google LLC, Google Ireland Limited and Amazon Europe Core for alleged violations of the French cookie rules. This post examines the French cookie rules, CNIL’s territorial jurisdiction, the investigations and the sanctions levied against each company.
Continue Reading CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

On December 2, 2020, the Centre for Information Policy Leadership at Hunton Andrews Kurth submitted its response to the UK Department for Digital, Culture, Media and Sport’s UK National Data Strategy consultation. In its response, CIPL highlights several considerations for DCMS when further developing and implementing its NDS.
Continue Reading CIPL Submits Response to UK DCMS’ National Data Strategy Consultation

On November 25, 2020, the European Commission published its Proposal for a Regulation on European Data Governance. The Data Governance Act is part of a set of measures announced in the 2020 European Strategy for Data, which is aimed at putting the EU at the forefront of the data empowered society.
Continue Reading European Commission Publishes Draft Data Governance Act

On December 1, 2020, the Cyberspace Administration of China released draft rules on the “Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications” (the “Draft Rules”) (in Chinese).

Continue Reading China Issues Draft Rules on the “Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications”

On November 26, 2020, the Conference of the German Data Protection Authorities issued a press release with conclusions from their 100th anniversary meeting. The key issues discussed were the implications of Schrems II on German privacy and cybersecurity.
Continue Reading Takeaways from 100th Anniversary Meeting of German Data Protection Authorities

On November 26, 2020, the French Data Protection Authority announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation and Article 82 of the French Data Protection Act governing the use of cookies.
Continue Reading CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations