Error: Can't connect Warning: mysqli_query() expects parameter 1 to be mysqli, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 186
Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, null given in /home/customer/www/hsfnotes.com/public_html/wp-content/themes/hsfnotes/template-parts/tpl_filters.php on line 187
On 24 November 2023, the Thai privacy regulator, Personal Data Protection Committee (the “PDPC”) issued a press release for the first time that they are taking enforcement action under the Thai Personal Data Protection Act B.E. 2562 (2019) (the “PDPA“) for non-compliance with the PDPA by a Thai insurance company in relation to its handling … Read more
On 13 October 2023, the UK FCA published its Final Notice to Equifax Ltd, the UK subsidiary of US company Equifax Inc, in relation to a major 2017 data breach which affected over 13.7 million UK consumers. The FCA determined that Equifax Ltd had breached Principles 3, 6 and 7 of its Principles and imposed a fine of over £11m. The firm agreed to resolve the matter and so qualified for a 30% discount for early settlement. The FCA's Final Notice helps to explain the rationale behind the UK regulatory authorities developing and enhancing the operational resilience regime in 2019. It also highlights some particular pitfalls in managing intra-group outsourcings effectively. Read more
On 4 September 2023, the National Broadcasting and Telecommunications Commission (“NBTC“) Notification regarding Measures to Protect Rights of Telecom Service Users relating to Personal Data, Privacy Rights and Communication Freedom in Telecom B.E. 2566 (2023) (the “Notification“) was gazetted and came into force on the same day. What is the Notification about? The Notification imposes … Read more
On August 11, 2023, India’s long-awaited general personal data protection legislation, the Digital Personal Data Protection Act, 2023 (“DPDPA”) was finally enacted. Governing the world’s fifth largest economy and one of its fastest growing digital markets, the DPDPA will be of importance to a large number of international businesses that operate in India, rely on … Read more
The Cyberspace Administration of China (CAC) has released draft provisions which will relax the current requirements on cross border data transfers. The draft provisions set out exemptions from the need to comply with one of the three transfer mechanisms that would otherwise be required, namely (i) CAC assessment (ii) China’s standard contract or China standard … Read more
India’s omnibus data protection legislation, the Digital Personal Data Protection Act, 2023 (“India’s DPDPA”), was passed and gazetted in August 2023. Notably, it shares several common concepts with Singapore’s Personal Data Protection Act 2012 (“Singapore’s PDPA”), some of which are not readily found in other laws including the European Union’s General Data Protection Regulation (“GDPR“). … Read more
As mentioned in a last-minute entry to our June Data Wrap, on 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-US Data Privacy Framework (“DPF“), determining that data transfers pursuant to the DPF benefited from an adequate level of data protection. This means that personal data can now freely flow … Read more