Pseudonymised data is personal data – but in whose hands? ICO calls for views on third chapter of draft anonymisation guidance

On 7 February 2022, the Information Commissioner’s Office (“ICO“) announced the publication of the third chapter of its draft guidance on anonymisation, pseudoymisation and privacy enhancing technologies (the “Draft Guidance“). Following on from the first and second chapters published on 28 May 2021 and 8 October 2021, respectively, which focus on anonymisation, the new third … Read more

The UK’s International Data Transfer Agreement is laid before Parliament

Following the conclusion of the Information Commissioner’s Office (“ICO“) 2021 consultation on the UK’s draft international data transfer agreement and accompanying methodology, the Secretary of State laid before Parliament the final version of the transfer documents on 28 January 2022. Collectively, the following documents are intended to be used by organisations transferring personal data outside … Read more

HAPPY INTERNATIONAL DATA PRIVACY DAY: OUR PREDICTIONS FOR 2022

Happy International Data Privacy Day! And what better day than today, to explore what 2022 is likely to have in store for data and privacy? One year on from the introduction of the UK GDPR in a post-Brexit Britain. Two years on from the start of a global pandemic which forced a discussion around the … Read more

New Telecommunications Telemedia Data Protection Act (TTDSG) comes into effect on 1 December 2021

More legal clarity On 1 December 2021, a new law regulating data protection and privacy in telecommunications and telemedia will come into effect: the German Telecommunications Telemedia Data Protection Act (TTDSG). The TTDSG contains new provisions on digital legacy, privacy protection for terminal equipment and consent management. It intends to create more legal certainty and … Read more

ICO publishes consultation on the AI and data protection risk toolkit

Executive Summary On 12 October 2021, the Information Commissioner’s Office (“ICO“) opened its consultation in relation to the use of the beta version of its AI and data protection risk mitigation and management toolkit (the “Consultation“). The Consultation runs until 1 December 2021 and the ICO is seeking responses from all industry sectors and from … Read more

Online Privacy Code: More Transparency and Minimum Standards for Online Platforms in Australia

 G20 nation moves to modernised privacy code for online platforms, including binding rules. The proposed scope – and stakes for industry players – is substantial. On 25 October 2021, the Australian Attorney-General’s department released, for public consultation, an exposure draft bill introducing amendments to the Privacy Act 1988 (Cth) (the Privacy Legislation Amendment (Enhancing Online Privacy and … Read more

Proposed security assessment mechanism for transferring data outside of China

New security assessment rules, which are applicable to the transfer of both important data and personal information outside of China, have been issued for public consultation. The Cybersecurity Administration of China (“CAC“) released a draft of the Measures for Security Assessment of Cross-border Transfer of Data (“Draft Measures“) for public consultation on 29 October 2021. … Read more