China Data Law Update: Certification Rules and Draft Standard Contract Are Issued
As the year approaches its halfway point, Chinese government accelerates the legislation for cross-border data transfers.
Reflecting on the UK Inaugural DaTA Conference: Top Five Trends to Watch as Global Regulators Step up Enforcement in Digital Markets
Last week, the UK Competition and Markets Authority (CMA) hosted its inaugural Data, Technology, and Analytics (DaTA) Conference.
The CMA DaTa Conference has been hailed as a milestone as it convened for the first time regulators, data scientists, engineers, tech companies, and academics to discuss evolving challenges in digital markets. … Read More
Spotlight on Women in Privacy – Hattie Davison
Hattie Davison, UK Government, Department for Digital, Culture, Media and Sport, Head of Data Reform Policy
Understanding China’s Data Regulatory Regime: China Solicits Public Comments on Certification Rules for Cross-Border Data Processing Activities
Certification by a professional institution is one of the mechanisms permitted under China’s Personal Information Protection Law (PIPL) to legitimize cross-border transfers of personal information. Other permitted mechanisms include governmental security review and standard contractual clauses to be issued by the Chinese government. However, to date, there have … Read More
The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech
As regulators around the world fiercely debate new ways to oversee competition in the digital sector, the EU is on the brink of formally approving a landmark new law. The Digital Markets Act (DMA) will impose a stringent regulatory regime on large online platforms (so-called “gatekeepers”) and give the European … Read More
Data Matters: The Declaration for the Future of the Internet
On April 28, 2022, the White House announced, in partnership with 60 global partners, the launch of the Declaration for the Future of the Internet, also known as the “DFI.”
According to the White House briefing, the Declaration sets forth the shared principles regarding how parties should comport … Read More
EU Data Governance Act – Edging Closer to a European Single Market for Data
On 6 April 2022, the European Parliament formally approved the Data Governance Act (“DGA”), which establishes a legal framework to promote the availability of data and increase trust in data sharing across sectors in the EU. Some of the key objectives of the new legislation include enabling the re-use of … Read More
Privacy by Design and Data Minimisation
*This article was first published by Global Data Review in March 2022.
“Privacy by design” refers to the practice of integrating and embedding privacy and data protection into the development and implementation of information technology systems, business practices and policies, and products and applications.
Understanding China’s Data Regulatory Regime: What Are Important Data? And Can They Be Transferred Outside Of China?
The concept of “important data” is a cornerstone of China’s data regulatory regime. The Cyber Security Law (2017) (the CSL) prohibits operators of critical information infrastructures (CIIs) from transferring their “important data” and personal information outside of China. The Data Security Law (2021) (the DSL) and … Read More
Third Time’s a Charm? Privacy Shield Agreement Reached In Principle
The U.S. President and European Commission President announced in a joint press statement on March 25th, 2022 that an agreement “in principle” has been reached on a new Trans-Atlantic Data Privacy Framework (Privacy Shield Agreement 2.0). Once approved and implemented, the agreement would facilitate the transatlantic flow of personal data … Read More