As reported by Russian law firm Alrud, on November 21, 2019, the Russian State Duma passed a bill that would increase the minimum fines that may be imposed for violations of Russia’s data protection laws.
Continue Reading
Data Transfer
EDPB Publishes Guidelines on Data Protection by Design and by Default
Posted on
Posted in European Union, International
On November 13, 2019, the European Data Protection Board published its draft guidelines 4/2019 on the obligation of Data Protection by Design and by Default set out under Article 25 of the EU General Data Protection Regulation. …
Continue Reading
Company Settles FTC Allegations of Privacy Shield Misrepresentation
Posted on
On November 19, 2019, the Federal Trade Commission announced that Medable, Inc. agreed to settle allegations that the company had misrepresented its participation in the EU-U.S. Privacy Shield program.…
Continue Reading
China Issues Updated Draft Amendments to Information Security Technology Specification
Posted on
Posted in Information Security, International
On October 22, 2019, the drafting group of China’s National Information Security Standardization Technology Committee released a third draft amendment to the Information Security Technology – Personal Information Security Specification.…
Continue Reading
Canada’s Privacy Commissioner Ends Effort to Require Consent for Transborder Data Transfer
Posted on
Posted in Information Security, International
On September 23, 2019, the Office of the Privacy Commissioner of Canada announced that it completed its consultation on transfers for processing and that the OPC’s current guidelines for processing personal data across borders—under which consent for transfers to data processors is not required—remain unchanged.…
Continue Reading
Philippines Submits Notice of Intent to Join the APEC CBPR
Posted on
Posted in International
On September 20, 2019, the Philippines National Privacy Commission announced it has filed its notice of intent to join the APEC Cross-Border Privacy Rule system.…
Continue Reading
Ecuador Fast-Tracks Data Protection Law in Wake of Massive Breach
Posted on
Posted in International, Security Breach
Ecuador is seeking to pass a data protection bill in the wake of a massive data breach that resulted in the personal data of up to 20 million people being made available online.…
Continue Reading
CNIL Updates FAQs to Prepare for a No-deal Brexit
Posted on
On September 10, 2019, the French data protection authority updated its existing set of questions and answers (“FAQs”) on the impact of a no-deal Brexit on data transfers from the EU to the UK and discussed how controllers should prepare.…
Continue Reading
CIPL Issues White Paper on New Standard Contractual Clauses for International Transfers under the GDPR
Posted on
On August 7, 2019, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP issued a white paper on “Key Issues Relating to Standard Contractual Clauses for International Transfers and the Way Forward for New Standard Contractual Clauses under the GDPR.” The White Paper was submitted to the European Commission as part of its ongoing work to update EU Standard Contractual Clauses for international transfers.…
Continue Reading
APEC Endorses Singapore CBPR Accountability Agent
Posted on
Posted in International
On July 23, 2019, APEC issued a press release announcing the recent appointment of the Infocomm Media Development Authority as Singapore’s Accountability Agent for the APEC Cross-Border Privacy Rules and APEC Privacy Recognition for Processors.…
Continue Reading