New Telecommunications Telemedia Data Protection Act (TTDSG) comes into effect on 1 December 2021

More legal clarity On 1 December 2021, a new law regulating data protection and privacy in telecommunications and telemedia will come into effect: the German Telecommunications Telemedia Data Protection Act (TTDSG). The TTDSG contains new provisions on digital legacy, privacy protection for terminal equipment and consent management. It intends to create more legal certainty and … Read more

US Federal Trade Commission Updates Safeguards Rule for Consumer Financial Information

The US Federal Trade Commission (the FTC) released the text of a Final Rule (the Final Rule) on October 27, 2021, amending the Standards for Safeguarding Consumer Information (the Safeguards Rule). Since 2003, the Safeguards Rule has set the data security standards applicable to certain non-banking financial institutions, as defined under the Gramm-Leach-Bliley Act of … Read more

ICO publishes consultation on the AI and data protection risk toolkit

Executive Summary On 12 October 2021, the Information Commissioner’s Office (“ICO“) opened its consultation in relation to the use of the beta version of its AI and data protection risk mitigation and management toolkit (the “Consultation“). The Consultation runs until 1 December 2021 and the ICO is seeking responses from all industry sectors and from … Read more

ASIA DATA PROTECTION UPDATE

New security assessment rules, which are applicable to the transfer of both important data and personal information outside of China, have been issued for public consultation. The Cybersecurity Administration of China (“CAC“) released a draft of the Measures for Security Assessment of Cross-border Transfer of Data (“Draft Measures“) for public consultation on 29 October 2021. … Read more

GDPR fines can contemplate parent group turnover: The story behind the WhatsApp fine

Summary The DPC has fined WhatsApp, an instant messaging app owned by Facebook, €225 million in relation to an investigation into its compliance with transparency obligations under the GDPR. Following intervention from the EDPB, the proposed fine was increased from €30 – €50 million up to €225 million by taking into account the turnover of … Read more