Regulating AI: Two steps forward for the UK as pro-innovation approach remains

    Following landmark developments in 2023, the international spotlight remains firmly on AI regulation as we enter into 2024. The last few days alone have not only seen the COREPER Ambassador’s agreement on the EU AI Act, but also the long-awaited Government response to its AI Regulation White Paper released yesterday (“Response“) and the House of … Read more

    INTERNATIONAL DATA PRIVACY DAY: OUR PREDICTIONS FOR 2024

    Happy (belated) International Data Privacy Day for Sunday! And what better reason than that to explore what 2024 is likely to have in store for data and privacy? We are just over one year on from the European Commission kick starting the process to adopt an adequacy decision for the EU-US Data Privacy Framework. Two … Read more

    Oct / Nov / Dec Data Wrap: A snapshot of key regulatory developments

    In a last-minute addition to this Data Wrap, after nearly three years of discussions and negotiation, political agreement has finally been reached in relation to the EU’s AI Act – the first major comprehensive regulation specifically in relation to artificial intelligence.  While the text is not yet available, the key elements of the agreement are … Read more

    China Releases Draft Measures for Cybersecurity Incident Reporting

    The Cybersecurity Administration of China (CAC) recently released a consultation draft of the Administrative Measures on the Reporting of Cybersecurity Incidents (Measures), together with the Guidelines on Grading of Cybersecurity Incidents (Guidelines) and the Reporting Form of Cybersecurity Incident Information (Reporting Form). The drafts are open for public comment until 7 January 2024. Once effective, they will provide much-needed … Read more

    EU AI Regulation – Political Agreement Reached on the EU’s Landmark AI Act

    After nearly three years of discussions and negotiation, political agreement has finally been reached in relation to the EU’s AI Act, the first major comprehensive regulation in relation to artificial intelligence.  While the text is not yet available, the key elements of the agreement are now clear.  In particular, the functional “risk-based” approach remains at … Read more

    Greater Bay Standard Contract facilitates personal data transfers between nine Guangdong cities and Hong Kong

    On 13 December 2023, the Cyberspace Administration of China and Hong Kong Innovation Technology and Industry Bureau jointly issued the Guidelines for the Implementation of Standard Contract for Cross-boundary Flow of Personal Information in the Guangdong-Hong Kong-Macao Greater Bay Area (Mainland and Hong Kong) (“GBA Standard Contract”). Personal data transfers within the Greater Bay Area … Read more

    Joint Statement from Data Protection Authorities on Data Scraping – article published in Privacy and Data Protection Journal

    The Privacy and Data Protection Journal has published an article by Duc Tran and Erin Bibb, which addresses the Joint Statement issued by the UK’s Information Commissioner’s Office (“the ICO“) in conjunction with eleven other national data protection authorities on data scraping practices and protecting privacy. The Joint Statement served to remind organisations that publicly … Read more

    Saudi Arabia’s Personal Data Protection Law – What you need to know

    We are pleased to share our latest article that provides a detailed overview of the Saudi Personal Data Protection Law (PDPL) which came into effect on 14 September 2023 and has a one-year grace period. The PDPL has taken great strides to align the Kingdom’s data protection framework with international best practice, namely the General … Read more