The World Economic Forum (WEF), an influential international non-governmental organisation for public-private cooperation, published its white paper on overcoming the barriers to international data flows on 16 January 2023....more
The OECD countries adopted the first intergovernmental declaration setting out common approaches to providing privacy and data protection safeguards for governmental access to personal data held by private sector (on 14...more
The plenary session of the European Parliament adopted the final versions of the Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive) and of the Digital Operational Resilience Act...more
On 7 October 2022, the President of the United States signed an Executive Order on Enhancing Safeguards for US Intelligence Activities. The Executive Order aims to implement the United States' commitments to protect EU-US...more
On 13 July 2022, the Public Procurement Chamber of the German state of Baden-Württemberg (the Public Procurement Chamber) issued a decision confirming that personal data processed by an EU subsidiary of a parent entity...more
The European Data Protection Board (EDPB) has adopted, on 16 June 2022, the draft guidelines on certification as a tool for transfers of data to third countries without adequacy status (the Guidelines). The text of the...more
On 13 June 2022, the UK’s Department of Digital, Culture, Media and Sport (DCMS) published its 2022 Digital Strategy (the Strategy)....more
On 5 May 2022, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint opinion (Opinion) addressing the legislative proposal of the European Commission for the EU Data Act,...more
On 21 April 2022, seven economies participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) System announced the launch of the Global CBPR Forum to facilitate multinational cooperation in...more
With rapidly evolving developments regarding Russia and Ukraine, the FCA has reiterated that firms need to be vigilant of operational and cyber resilience....more
On 15 March 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act 2022 (Cyber Incident Reporting Act). The House of Representatives passed the bill on 9 March 2022....more
On 15 February 2022, the European Data Protection Board (EDPB) launched the first coordinated enforcement action under the coordinated enforcement framework (CEF) which was set up in October 2021....more
On 2 February 2022, the Department for Digital, Culture, Media and Sport (DCMS) laid before Parliament the international data transfer agreement (IDTA), the international data transfer addendum to the European Commission’s...more
On 15 December 2021, the UK Government published its new National Cyber Strategy for 2022 based around the following five strategic pillars, representing the goals that the government intends to achieve by 2025, as first set...more
Employers are working in a new and disrupted world, with different volumes and types of data, processed for different purposes, including those driven by societal development, expectations and changing ways of working. These...more
On 18 November 2021, the European Data Protection Board (EDPB) adopted a statement (the Statement) on the recent legislative proposals issued as part of the European Commission’s Digital Services Package and Data Strategy. ...more
On 19 November 2021, the European Data Protection Board (EDPB) published the much-awaited draft guidance on the interplay between the provisions of the GDPR on territorial scope (in Article 3) and on international data...more
On 25 October 2021, the Administrative Court of Wiesbaden (the Court) announced its decision, issued in early October, to submit two questions to the Court of Justice of the European Union (CJEU) regarding the scope of the...more
On 21 October 2021, the Global Privacy Assembly (GPA) concluded its 43rd Closed Session, hosted virtually by the Mexican National Institute of Access to Information and Data Protection. During the course of the four-day...more
On 14 October 2021, the White House brought together the representatives of more than 30 national governments to address the transnational nature of the threat posed by ransomware attacks. The meeting resulted in a joint...more
10/18/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Joint Statements ,
Popular ,
Ransomware ,
Regulatory Agenda ,
Risk Management
On 27 September 2021, the European Data Protection Board (EDPB) published its opinion on the draft adequacy decision of the European Commission in relation to the Republic of Korea (the Opinion). This is the first opinion on...more
On 8 September 2021, the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs published a briefing about the report that considered the ethical issues surrounding use of biometric...more
The Irish supervisory authority (Irish DPC) published its final decision to impose a fine of EUR 225 million on WhatsApp Ireland Ltd (WhatsApp)(on 2 September 2021). This decision follows a cross-border investigation into...more
On 2 August 2021, the Italian supervisory authority (Garante) announced that is has imposed a fine of EUR 2.5 million against a food delivery company Deliveroo Italy s.r.l. (Deliveroo) for violation of several requirements of...more
On 24 June 2021, the Advocate General (AG) of the Court of Justice of the European Union (CJEU) issued his opinion on the preliminary ruling request submitted by Germany's Federal Court of Justice (Bundesgerichtshof) in case...more