Data Privacy & Security Archives

In Data Privacy & Security

Data Protection Day – Key developments and trends for 2023

January 26, 2023 by Benjamin Slinn, Vinod Bange, Dr Lukas Feiler, Alissa Forstner, Liz Grimwood-Taylor, Anne-Marie Allgrove, Anne Petterd, Caitlin Whale, Adrian Lawrence, Toby Patten, Guillermo José Cervio, Valentina Salas, Valentina Biondi Grane, Elisabeth Dehareng, Caroline Serbanescu, Flavia Rebello, Theo Ling, Conrad Flaczyk, Nadia Rauf, Carolina Pardo, Magalie Dansac Le Clerc, Yann Padova, Florian Tannen, Dr Michaela Nebel, Prof. Dr. Michael Schmidl, Jiří Čermák, Milena Hoffmanová, Lenka Bešťáková, Francesca Gaudino, Yuki Kondo, Daisuke Tatsuno, Kensaku Takase, Dr. Csaba Vári, Marcia Lee, Benjamin Lau, Daniel Villanueva-Plasencia, Carlos Vela-Trevino, Elvia Aragon, Nathalja Doing, Teresa Tovar, Bienvenido A. Marquez III, Frederick August I. Jose, Radoslaw Nozykowski, Patricia Pérez, Peder Oxhammar, William Höglund, Emelie Ageby Svensson, Margarita Kozlov, Johanna Moesch (Mösch), Nadine Charrière, Muriel Binder, Jo-Fan Yu, Dhiraphol Suwanprateep, Pattaraphan Paiboon, Kritiyanee Buranatrevedhya, Thananya Chaikamonsuk, Can Sozer, Yigit Acar, Ecem Elver, Aybuke Gundel, Kellie Blyth, Maher Ghalloussi, Lucrezia Lorenzini, Alex Toh, Ken Chia, Cristina Messerschmidt, Rachel Ehlers, Cynthia Cole, Brian Hengesbaugh, Stephen Reynolds, Nick Merker, Harry Valetk, Lothar Determann, Jonathan Tam, Helena Engfeldt, Maria Eugenia Salazar-Furiati, Manh Hung Tran and Jacqueline Wong 102 Mins Read

28 January 2023 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2023, Baker McKenzie’s Global Data Privacy and Security Team is pleased to present this special edition update of key data protection and privacy developments and trends across the globe, as well summarising future legislative changes, predictions, and enforcement priorities to look out for during 2023.…

In Data Privacy & Security

Podcast Episode: Data Privacy & Security – Key Developments and Trends for 2023

January 26, 2023 by Brian Hengesbaugh and Benjamin Slinn 1 Min Read

In this episode, Brian Hengesbaugh, Global Chair of Privacy & Security, is joined by Ben Slinn, senior associate in London, as they discuss data privacy predictions across the globe for the year ahead. Listen in to hear about: The data protection regime in the UK post Brexit and what lies ahead Trends and issues that we are seeing from an EU perspective Key developments and significant changes on the horizon outside of the EU For…

In Data Privacy & Security

OPC-Funded Study Calls for Stricter Data Privacy Regulation of Commercial Virtual Healthcare Services in Canada

January 18, 2023 by Theo Ling, Conrad Flaczyk, Jacqueline Chan, Matthew Cook and Nadia Rauf 5 Mins Read

In Fall 2022, the Office of the Privacy Commissioner of Canada (OPC) published a study it had funded on the privacy implications of direct-to-patient commercial virtual care platforms (VCPs) in Canada, technologies that allow healthcare practitioners to provide healthcare services to patients remotely. While the study does not constitute binding law or guidance, it is nonetheless noteworthy for operators of VCPs because (1) it identifies practices by commercial operators that the study describes as problematic…

In Data Privacy & Security

Podcast Episode: A Glimpse Into Privacy in the Metaverse

December 15, 2022 by Brian Hengesbaugh and Anne Petterd 1 Min Read

In this episode, Brian Hengesbaugh, Global Chair of Privacy and Security, is joined by Anne Petterd, privacy and cybersecurity partner based in Sydney, as they discuss privacy in the metaverse, highlighting key concerns at the intersection of these two complex and cutting-edge issues. The two explore universal topics of trust, transparency and how they relate to personal data protection in the digital environment. Listen in to hear more about: What is the metaverse? Who controls…

In Data Privacy & Security

European Commission Moves Towards U.S. Adequacy Decision for Data Transfers

On December 13, the European Commission (“EC”) announced a draft decision on the adequacy of the U.S data protection regime to protect the personal data of European Union (“EU”) residents, the EU-U.S. Data Privacy Framework (“DPF”). The DPF, which was initially announced in March 2022 as a political agreement between the EU and the U.S., and then bolstered by President Biden’s Executive Order (“EO”) in October 2022, opens the door for an EU-U.S. data transfer…

In Data Privacy & Security

New ICO guidance on international data transfers

December 5, 2022 by Joanna De Fonseka and Leo Hutchings 5 Mins Read

Key changes are updates to the ICO’s existing guidance on international transfers to include a new section on transfer risk assessments, and an accompanying TRA tool.

In Data Privacy & Security

3 Steps to Access Health Data for Research in the UK: New Guidance

November 30, 2022 by Jaspreet Takhar 3 Mins Read

The UK’s Health Research Authority (HRA) has unveiled new guidance which signposts the three essential steps to access health and care data for research purposes. The guidance delves into a point that researchers often miss: the common law duty of confidentiality runs in parallel to data privacy laws, and each regime needs to be considered separately to ensure data access requests can stand up to regulatory scrutiny. Step 1: Scoping – What are the data…

In California Privacy Law

Virginia Consumer Data Protection Act takes effect in 2023

November 28, 2022 by Lothar Determann, Helena Engfeldt, Jonathan Tam and Andrea Tovar 9 Mins Read

Companies around the world have to comply with the Virginia Consumer Data Protection Act (VCDPA) with respect to personal data of consumers in Virginia. With the VCDPA, Virginia follows the California Consumer Privacy Act of 2018, as amended by the California Consumer Rights Act of 2020 (CCPA) but excludes employee and business representative data from its scope. Businesses that have implemented measures to comply with the CCPA can leverage some of their existing vendor contract terms, website…

In Data Privacy & Security

Bill 88: Lessons Learned from Developing Electronic Monitoring Policies in Ontario

October 27, 2022 by Theo Ling, Jacqueline Chan, Conrad Flaczyk and Jeremy Hann 6 Mins Read

Since October 11, 2022, employers who electronically monitor their employees with more than 25 employees in Ontario have been required to have a written electronic monitoring policy in place pursuant to Ontario’s Employment Standards act, 2000 (“ESA”), as amended by Ontario’s Bill 88, Working for Workers Act, 2022 (“Bill 88”). However, employers have largely been left to decide how best to introduce and structure these policies given the recency of the law. Some common questions…

In California Privacy Law

California Privacy Agency Releases Modified Proposed Regulations

October 21, 2022 by Brian Hengesbaugh, Cynthia Cole, Rachel Ehlers, Cristina Messerschmidt and Harry Valetk 6 Mins Read

This week, the California Privacy Protection Agency (“CPPA”) released modified proposed regulations (“Modified Regulations”) for compliance with the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), and an explanation of the proposed changes, ahead of its upcoming Board Meetings. It is expected that the CPPA will discuss, and possibly adopt or modify further, the Modified Regulations during the CPPA Board Meetings which are scheduled for October 21-22 and October 28-29, 2022.…