The UK’s International Data Transfer Agreement is laid before Parliament

Following the conclusion of the Information Commissioner’s Office (“ICO“) 2021 consultation on the UK’s draft international data transfer agreement and accompanying methodology, the Secretary of State laid before Parliament the final version of the transfer documents on 28 January 2022. Collectively, the following documents are intended to be used by organisations transferring personal data outside … Read more

HAPPY INTERNATIONAL DATA PRIVACY DAY: OUR PREDICTIONS FOR 2022

Happy International Data Privacy Day! And what better day than today, to explore what 2022 is likely to have in store for data and privacy? One year on from the introduction of the UK GDPR in a post-Brexit Britain. Two years on from the start of a global pandemic which forced a discussion around the … Read more

ICO publishes consultation on the AI and data protection risk toolkit

Executive Summary On 12 October 2021, the Information Commissioner’s Office (“ICO“) opened its consultation in relation to the use of the beta version of its AI and data protection risk mitigation and management toolkit (the “Consultation“). The Consultation runs until 1 December 2021 and the ICO is seeking responses from all industry sectors and from … Read more

Online Privacy Code: More Transparency and Minimum Standards for Online Platforms in Australia

 G20 nation moves to modernised privacy code for online platforms, including binding rules. The proposed scope – and stakes for industry players – is substantial. On 25 October 2021, the Australian Attorney-General’s department released, for public consultation, an exposure draft bill introducing amendments to the Privacy Act 1988 (Cth) (the Privacy Legislation Amendment (Enhancing Online Privacy and … Read more

Online Privacy Bill and Privacy Act Discussion Paper: Stricter Enforcement, Online Privacy Code and the Impact for Organisations Handling Personal Information

Two recent publications by the Australian Attorney-General’s Department mark significant steps forward on the long road to reform of Australian privacy legislation: An Online Privacy Bill Exposure Draft introducing amendments to the Privacy Act 1988 (Cth) (“Online Privacy Bill”), which will strengthen penalties and enforcement measures and introduce a binding privacy code for online platforms. … Read more

GDPR fines can contemplate parent group turnover: The story behind the WhatsApp fine

Summary The DPC has fined WhatsApp, an instant messaging app owned by Facebook, €225 million in relation to an investigation into its compliance with transparency obligations under the GDPR. Following intervention from the EDPB, the proposed fine was increased from €30 – €50 million up to €225 million by taking into account the turnover of … Read more