Skip to content

menu

Data Protection Report logo
HomeAboutContact
Search
Close
Compliance and risk managementCurrent Page:Regulatory responseData breachCybersecurity
View topics Archives
Subscribe

Data Protection Report

Data protection legal insight at the speed of technology

Regulatory response

Subscribe to Regulatory response via RSS

“Am I a CII operator?” – New regulation in China provides more clarity

Photo of Anna GamvrosPhoto of Lianying Wang (CN)
By Anna Gamvros & Lianying Wang (CN) on August 18, 2021

China’s Cyber Security Law (CSL), enacted in 2016, requires operators of critical information infrastructure (CII) to follow a number of enhanced security obligations, including storing within China all personal information and important data collected or generated…

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

Photo of Christoph Ritzer (DE)Photo of Natalia Filkina (DE)
By Christoph Ritzer (DE) & Natalia Filkina (DE) on July 28, 2021

Germany’s highest civil court, the Federal Court Of Justice (Bundesgerichtshof, the FCJ), has just published a decision specifying the scope of data subject access requests (DSARs). The FCJ held that Article 15 of the EU General Data…

It must be as easy to reject cookies as it is to accept them: 40 additional organizations on the radar of the CNIL

Photo of Lara White (UK)Photo of Barbara Ghebali (FR)
By Lara White (UK) & Barbara Ghebali (FR) on July 27, 2021

As part of its global strategy to ensure compliance with its new cookies mandatory guidelines, and as announced in its priority control themes for 2021, in May 2021 the CNIL issued formal notices to over twenty organizations (including international actors…

EU’s possible Data Act: What can we anticipate from the Inception Impact Assessment and the Consultation?

Photo of Seiko Hidaka (UK)Photo of Jay Modrall (BE)
By Seiko Hidaka (UK) & Jay Modrall (BE) on July 5, 2021

The European Commission (EC) signalled plans for a new Data Act, to be published in late 2021, in its February 2020 Data Strategy Communication.  The EC revealed more details in its 2021 Consultation and Inception Impact Assessment. The…

Subscribe to Data Protection Report

Subscribe to this publication

EU – UK data transfers can continue: UK receives much welcome adequacy decision

Photo of Marcus Evans (UK)
By Marcus Evans (UK) & Janine Regan (UK) on June 28, 2021

The European Commission has today published a positive adequacy finding in respect of the UK’s data protection regime (the Decision).  This means that personal data can continue to flow freely from the EU to the UK without the need…

The EDPB publishes its finalised version of the Recommendations on supplementary measures

Photo of Marcus Evans (UK)Photo of Lara White (UK)Photo of Christoph Ritzer (DE)
By Marcus Evans (UK), Lara White (UK) & Christoph Ritzer (DE) on June 22, 2021

On 21 June 2021, the European Data Protection Board (EDPB) published its finalised version of the Recommendations on supplementary measures (the Recommendations) to assist companies comply with the Schrems II judgement.

This comes just a couple…

A deeper dive into the new Standard Contractual Clauses

Photo of Marcus Evans (UK)Photo of Lara White (UK)Photo of Christoph Ritzer (DE)
By Janine Regan (UK), Marcus Evans (UK), Lara White (UK) & Christoph Ritzer (DE) on June 7, 2021

On Friday 4 June, the European Commission published the finalised version of the new Standard Contractual Clauses for transferring personal data from the EU to third countries (the New SCCs).  Privacy professionals have been waiting for the New SCCs for…

European Commission publishes much anticipated finalised Standard Contractual Clauses

Photo of Marcus Evans (UK)Photo of Lara White (UK)Photo of Christoph Ritzer (DE)
By Marcus Evans (UK), Lara White (UK), Christoph Ritzer (DE) & Janine Regan (UK) on June 4, 2021

The European Commission has today published the finalised version of the new Standard Contractual Clauses (the new SCCs).  The purpose of the new SCCs are to help companies legalise transfers of personal data from outside of the EEA.  They…

Proposed amendments to the Personal Data (Privacy) Ordinance to combat doxxing acts

Photo of Anna GamvrosPhoto of Ruby Kwok (HK)Photo of Edward Yau (HK)
By Anna Gamvros, Ruby Kwok (HK) & Edward Yau (HK) on June 3, 2021

The Hong Kong Government is proposing amendments to the Personal Data (Privacy) Ordinance (the “PDPO”) to combat doxxing acts. On 17 May 2021, the Constitutional and Mainland Affairs Bureau (the “CMAB”) published a discussion paper on…

NYDFS settles cybersecurity regulation matter for $3 million

Photo of David Kessler (US)Photo of Susan Ross (US)
By David Kessler (US) & Susan Ross (US) on April 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. (NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020.

Post navigation

 Newer PostsOlder Posts 

Data Protection Report

Facebook Twitter RSS LinkedIn YouTube
Published by
Norton Rose Fulbright LLP logo
DisclaimerPrivacy policy

About

More than a news source, the Data Protection Report provides thought leadership on emerging privacy, data protection and cybersecurity issues, and helps its readers proactively address risks and anticipate next steps in this crucial emerging field.

Read more

Topics

Archives

Copyright © 2025, Norton Rose Fulbright LLP. All rights reserved.