Privacy law

European Commission and ASEAN releases Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses

By Marcus Evans (UK), Anna Gamvros, Wilson Ang & Jeremy Lua on June 26, 2023

Introduction

To enable international businesses to comply with cross-border personal data transfers and the relevant laws across the European Union (EU) and South-East Asia, on 24 May 2023 the European Commission and the Association of Southeast Asian Nations…

The ICO urges organisations to start using privacy enhancing technologies to share personal data safely, securely and anonymously

By Olivia Wint & Lara White (UK) on June 26, 2023

On 19 June 2023, the UK Information Commissioner’s Office (the ICO) published guidance on privacy enhancing technologies (or PETs) (the Guidance). The Guidance sits alongside the ICO’s recommendation that organisations should, if they haven’t already, start using PETs…

Texas enacts comprehensive privacy law

By David Kessler (US), Susan Ross (US) & Seth Allen (US) on June 21, 2023

On June 13, 2023, the Texas Governor signed HB4, making Texas the tenth state to have a comprehensive privacy law, joining California, Colorado, Connecticut, Montana, Virginia, and Utah (all in effect or going into effect in 2023), Montana and…

Validating State Privacy Law Opt-Out Signals

By Steve Roosa (US) & Daniel Rosenzweig (US) on March 29, 2023

State privacy laws, such as the California Consumer Privacy Act (CCPA), require companies to implement opt-out solutions and honor applicable privacy requests. But if you have implemented an opt-out, how do you know it actually works?

Read the full NT…

Privacy law is becoming more technically sophisticated. So should you.

By Steve Roosa (US), Daniel Rosenzweig (US) & Susan Ross (US) on March 22, 2023

As privacy laws and requirements become more technically sophisticated, businesses may want to consider how they can follow suit.…

Practical steps for businesses to comply with Bill C-27: part 2

By Imran Ahmad (CA), Shreya Gupta & Jeremie Wyatt (CA) on March 7, 2023

In our previous update, we summarized key operational elements that businesses should be aware of under the proposed Consumer Privacy Protection Act (CPPA), and provided practical tips to help businesses comply with these new requirements. As currently drafted, the…

Privacy Act Review report

By Ka-Chi Cheung, Anna Gamvros, Jim Lennon (AU) & Ross Phillipson on February 23, 2023

The Attorney General’s Department released its Privacy Act Review report on 16 February 2023, that includes the broad suite of reforms you would expect to bring Australia’s privacy laws in to line with both international standards and the reality of…

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

By Imran Ahmad (CA) & Admin on February 23, 2023

Across the globe, the race is already underway among vehicle manufacturers to develop fully autonomous vehicles (AVs). AVs currently under development make sense of their surroundings and control vehicle operation through data gathered about the outside world. Like other connected…

Bring-Your-Own-Device Programs: A Balance Between Privacy and Cybersecurity

By Marisa Kwan, Joseph Cohen-Lyons, Curtis Armstrong & Admin on February 16, 2023

A ”bring your own device” (BYOD) program is a popular arrangement used by employers, whereby employees use their personal devices (e.g., smartphones, laptops, or tablets) for both personal and business purposes. Last year, about two-thirds of Canadian private…

ICYMI – Late December in privacy and cybersecurity

By David Kessler (US) & Susan Ross (US) on January 30, 2023

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. We have set out some updates in the form of questions, with some links…

Data Protection Report