Error: Can't connect Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 186
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 187
A company in China has the option of relying on (i) the standard contract (see our article) or (ii) certification to transfer personal information outside of China, if it is not subject to the mandatory Cyberspace Administration of China (CAC) security assessment. Certification is, therefore, an alternative data transfer mechanism to the standard contract under … Read more
The UK Government recommenced its efforts to reform the UK data protection regime by introducing the aptly named “Data Protection and Digital Information Bill (No.2)” (“Second Draft Bill”) to Parliament on 8 March 2023. The full text of the Second Draft Bill can be found here and an accompanying set of Explanatory Notes can be … Read more
In February 2023, the Cyberspace Administration of China (CAC) officially released its long-awaited, final version of the Standard Contract for the outbound cross-border transfer of personal data. This is one of three permitted mechanisms for transferring personal data outside of China and is expected to be the most frequently used. Read more
The report is long-awaited, and the reforms it canvasses are increasingly critical to the way businesses run and operate in a digital economy. We have seen evidence of this in Australia with large scale cyber-attacks affecting personal information held by businesses and government. The Report puts forward 116 proposals for reforming the Privacy Act. A … Read more
Happy International Data Privacy Day for Saturday! And what better reason than that to explore what 2023 is likely to have in store for data and privacy? We are just over one year on from the UK government hinting that it might think outside the box in terms of data protection regulation. Two years on … Read more
Now that the deadlines have passed for implementing: EU Standard Contractual Clauses (“EU SCCs”) into all new and existing contractual arrangements involving restricted transfers of data under the EU GDPR; and the UK equivalent to the EU SCCs (the UK specific International Data Transfer Agreement (“IDTA“) or the EU SCCs in combination with the UK … Read more
On 15 December 2022, the Notification of the Personal Data Protection Committee (the “PDPC“) Re: Criteria and Means on Personal Data Breach Notification (the “PDPC Notification“) was published on the Thailand’s royal gazette and takes effect on the same day. This sets out more elaborated requirements on one of the key data controller’s obligations – … Read more
The Privacy and Data Protection Journal has published an article by Duc Tran and Tariq Salameh, exploring the approach being taken by the UK government to the regulation of AI systems. With the overarching aim of facilitating innovation and growth, the UK government has proposed changes to the regulation of AI in the UK including: … Read more
2022 is a milestone year for data privacy and cyber security laws developments across Southeast Asia. We set out the key changes as follows: The new Personal Data Protection Law in Indonesia became effective on 17 October 2022. Multiple data protection guidelines have been issued to supplement the Personal Data Protection Act in Thailand, which … Read more