Journey to global privacy harmonisation: Australia joins the Global Cross-Border Privacy Rules Forum certification system

On 17 August 2022, the Australian Government announced that Australia joined the Global Cross-Border Privacy Rules (Global CBPR) Forum.[1] The Forum, launched in April 2022, establishes a certification system to help companies in participating jurisdictions demonstrate compliance with internationally-recognised privacy standards, with the aim of fostering interoperability and international data flows.[2] Read more

WHAT WE KNOW SO FAR ABOUT THE NEW TRANS-ATLANTIC DATA PRIVACY FRAMEWORK

Summary Following the European Commission’s (“EC”) announcement of the new Trans-Atlantic Data Privacy Framework (the “Framework”) earlier this year, Lawyer and privacy activist Max Schrems’ organisation, NOYB, recently issued an open letter to EU and US officials arguing that the proposed framework is unlikely to withstand legal challenge and overly resembles its predecessor, the now-defunct … Read more

IMPORTANT UPDATES ON CROSS-BORDER DATA TRANSFER IN CHINA

Under the PRC Personal Information Protection Law (“PIPL“) which became effective on 1 November 2021, a transfer of personal information outside of China requires multiple conditions to be met. Personal information can only be transferred overseas upon obtaining separate consent from the data subjects, conducting a personal information protection impact assessment (“PIA“) and complying with … Read more

Transfer of personal data between Europe/UK and Asia: Key changes and practical tips

Following the publication of the new EU Standard Contractual Clauses (“SCCs“) last year and their UK equivalent at the beginning of this year, any current arrangements for transferring personal data outside of Europe or the UK (e.g. international data transfer agreements involving a European or UK party) should be revisited and updated in the coming … Read more

The UK’s International Data Transfer Agreement is laid before Parliament

Following the conclusion of the Information Commissioner’s Office (“ICO“) 2021 consultation on the UK’s draft international data transfer agreement and accompanying methodology, the Secretary of State laid before Parliament the final version of the transfer documents on 28 January 2022. Collectively, the following documents are intended to be used by organisations transferring personal data outside … Read more

Proposed security assessment mechanism for transferring data outside of China

New security assessment rules, which are applicable to the transfer of both important data and personal information outside of China, have been issued for public consultation. The Cybersecurity Administration of China (“CAC“) released a draft of the Measures for Security Assessment of Cross-border Transfer of Data (“Draft Measures“) for public consultation on 29 October 2021. … Read more