Category

Data Privacy & Security

Category

The French data protection authority (“Commission nationale de l’informatique et des libertés” or “CNIL”) published, on January 12, 2022, a statement on processor reuse of data entrusted by data controllers. This guidance aims at establishing a legal framework to determine if, and under which conditions, a processor can use personal data it obtained from a controller for purposes broader than just strictly providing services to the controller. Can a processor reuse the data it receives…

Over the years, protecting children’s informational privacy has become a controversial issue. From a legal perspective, there are two questions: to what extent does it depend upon parental control and consent, and how is this factor incorporated into the law seeking to protect children’s informational privacy? Under the Law on Children 2016 (LoC), a child is defined as any person below the age of 16. Personal information, as prescribed by the Law on Cyberinformation Security…

In brief On 27 November 2021, the UAE published the long awaited UAE Personal Data Protection Law, Federal Law 45 of 2021 on Personal Data Protection (the ”Law”). The development signifies a landmark in the evolution of the UAE’s regulatory framework and lays the foundation for the modernization of the economy and digitization of the country’s growth sectors. The Emirates Data Office (the ”Data Office“) will act as the new data regulator and will be…

In a recent judgment, the UK Supreme Court unanimously refused to give permission for a litigant to serve a claim form outside of the jurisdiction in respect of a representative action brought against Google. This case, Lloyd v Google, is the latest, and most significant, in a line of recent decisions (see our other updates here and here) which show a general trend of the courts interrogating the type of losses that have been claimed and rejecting claims for…

If you search for the word “innovation” in the GDPR you might be disappointed. Indeed, you will find no occurrence at all. In our current digital world, this is akin to an elephant in the room. Everybody sees that innovation is the driver of new services, a differentiator that ultimately has consequences on the growth of an economy. Everybody knows that most of the digital innovation relies on intense data processing. However, the most important…

Earlier in October, the Spanish Data Protection Agency (AEPD) and the National Data Protection Authority of Brazil (ANPD) signed a memorandum of understanding for the development of joint actions aimed at promoting the dissemination and practical application of data protection regulations. With the signing of this memorandum, the AEPD and the ANPD undertake, among other aspects: to promote technical cooperation mechanisms for the exchange of knowledge and acquired experiencesto promote the carrying out of studies…

Italy experienced one of the longest and most severe lock-downs during the peak of the pandemic. This made it be one of the first countries to launch a national contact tracing App (Immuni) and a national COVID Certificate (green pass) and from October 15, Italy has become the first European country which has made the green pass mandatory to access the workplace. After an intense period of discussions, on September 21st Decree No. 127/2021 introduced…

The 43rd edition of the Global Privacy Assembly, GPA Mexico 2021 co-sponsored by Baker McKenzie, kicked off Monday with a full slate of virtual presentations and discussions. The program included speakers from regulators and data protection authorities, the private sector, think tanks and advocacy groups, NGOs, and academia—and covered topics ranging from facial recognition to the impact of data protection on marginalized communities. In case you weren’t able to catch the proceedings we’ve compiled some…

The 43rd edition of the Global Privacy Assembly, GPA Mexico 2021 co-sponsored by Baker McKenzie, kicked off Monday with a full slate of virtual presentations and discussions. The program included speakers from regulators and data protection authorities, the private sector, think tanks and advocacy groups, NGOs, and academia—and covered topics ranging from facial recognition to the impact of data protection on marginalized communities. In case you weren’t able to catch the proceedings we’ve compiled some…