China – Cyber security and data protection April round up

The financial regulators have continued to increase their efforts to develop and protect financial data. The People’s Bank of China released new standards on enhancing the data capability of financial institutions. Further, several banks were penalized for violating data protection rules in relation to processing of personal information. MIIT has maintained its focus on its … Read more

European Commission publishes new draft Article 28 clauses for consultation

Alongside, and perhaps in the shadow of, the European Commission publishing its long-awaited draft new Standard Contractual Clauses (the “New SCCs”) to address the restrictions imposed by the GDPR in relation to making international transfers of personal data  (for further details see our blog post here), the European Commission has also published a set of … Read more

China Cybersecurity and Data Protection: What you need to know about China’s draft Personal Information Protection Law

Mid-October marked the start of the formal legislative approval process for China’s proposed new law on personal information protection. The milestone draft Personal Information Protection Law (PIPL) underwent is first reading by the Standing Committee of the 13th National People’s Congress and was released for public consultation on 22 October 2020. For further details on … Read more

A change in approach to subject access? ICO Publishes Updated DSAR Guidance

Summary The ICO (the UK privacy regulator) has updated its guidance on data subject access rights, and the revised guidance appears to be aimed at giving organisations practical advice on managing and responding to subject access requests by including further detail and examples. Although the revised guidance has not changed dramatically, it is fair to … Read more

National Data Strategy: The UK’s Data Revolution

On 9 September, the UK Government published a National Data Strategy which places data at the core of the UK’s recovery from the COVID-19 pandemic. The UK Government aims to ensure that companies and organisations can use data to drive digital transformation and innovation and boost growth across the UK economy. This new strategy comes … Read more

German Regulator Publishes Schrems II ‘Checklist’

The Baden-Württemberg data protection authority (“LfDI”) has issued guidance to controllers and processors following the Schrems II judgement.  The guidance includes helpful, practical tips which entities can take with respect to their current and future international transfers. Whilst aimed primarily at organisations subject to the jurisdiction of the LfDI, the guidance may be helpful for … Read more