April Data Wrap: A snapshot of key regulatory developments

In light of the multiple announced investigations across Europe in relation to Open AI and its Chat GPT Service, April saw the EDPB launch a dedicated task force to “foster cooperation and to exchange information on possible enforcement actions conducted by data protection authorities”. The speed with which this coordinated taskforce was set up highlights … Read more

TikTok’s misuse of children’s data results in £12.7 million ICO fine

The UK’s Information Commissioner’s Office (“ICO“) has fined Tik Tok Information Technologies UK Limited and TikTok Inc (“TikTok“) £12.7 million for breaching the UK GDPR, in particular for failing to protect children’s privacy. The ICO had previously issued a notice of intent to fine TikTok £27 million for various data protection law breaches between May … Read more

March Data Wrap: A snapshot of key regulatory developments

March saw the UK Government recommence its efforts to reform the UK data regime by introducing the aptly named “Data Protection and Digital Information Bill (No.2)” to Parliament on 8 March 2023. The second draft bill supersedes the original version that was paused in September to allow ministers to rethink their approach and engage in … Read more

HAPPY INTERNATIONAL DATA PRIVACY DAY: OUR PREDICTIONS FOR 2023

Happy International Data Privacy Day for Saturday! And what better reason than that to explore what 2023 is likely to have in store for data and privacy? We are just over one year on from the UK government hinting that it might think outside the box in terms of data protection regulation. Two years on … Read more

President Biden’s Executive Order implements EU-US data privacy framework

President Biden recently issued an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (the Privacy EO) outlining steps that the US Government is taking to implement the US commitments under the European Union-US Data Privacy Framework (the Privacy Framework) that the US and the European Commission (EC) announced in March 2022 to … Read more

New guidance on the CAC security assessment for cross-border data transfer

On 31 August 2022, the Cyberspace Administration of China (“CAC“) published the Guidelines on the Application of Security Assessment of Cross-border Transfer of Data (“Guidelines“) to clarify how organisations in China can apply to CAC for a security assessment for cross-order data transfer, a requirement stipulated under the Measures for Security Assessment of Cross-border Transfer … Read more

Journey to global privacy harmonisation: Australia joins the Global Cross-Border Privacy Rules Forum certification system

On 17 August 2022, the Australian Government announced that Australia joined the Global Cross-Border Privacy Rules (Global CBPR) Forum.[1] The Forum, launched in April 2022, establishes a certification system to help companies in participating jurisdictions demonstrate compliance with internationally-recognised privacy standards, with the aim of fostering interoperability and international data flows.[2] Read more

DATA PROTECTION AND DIGITAL INFORMATION BILL: OUR FIRST IMPRESSIONS

Following the UK Government’s publication of its response to the DCMS consultation on the Data Reform Bill last month (see our blog post on this here), the UK Government has published and introduced to Parliament a 192-page draft text which now has a new name: the Data Protection and Digital Information Bill. The new bill … Read more