data privacy Archives

In Cybersecurity, Data and Tech

Philippines: Implementing rules of the Internet Transactions Act

October 19, 2024 by Donemark Calimon, Bienvenido A. Marquez III, Divina Pastora V. Ilas-Panganiban, Ina Alexandra A. Dominguez, Frederick August I. Jose, Camille Bianca Gatmaitan, Felicisimo Agas III, Oswald Imbat and Alvin R. Tan 6 Mins Read

Various agencies led by the Department of Trade and Industry (DTI) have signed Joint Administrative Order No. 24-03, Series of 2024 containing the Implementing Rules and Regulations (IRR) of Republic Act No. 11967, or The Internet Transactions Act of 2023 (ITA).
The ITA is intended to regulate e-commerce, protect consumer rights and data privacy, and uphold intellectual property rights.
The IRR clarifies the scope and coverage of the ITA, the enforcement powers of the DTI vis-à-vis other agencies, and the applicable procedure for imposition of fines.

In Cybersecurity, Data and Tech

Japan: Personal Data Protection Commission – Announces Interim Report of Triennial Review

August 5, 2024 by Kensaku Takase, Daisuke Tatsuno, Tsugihiro Okada, Ayako Suga and Ayako Nakano 9 Mins Read

On 27 June 2024, the Personal Information Protection Commission (PPC), Japan’s data protection authority, released the “Interim Report on Considerations for the Triennial Review of the Act on Protection of Personal Information” (“Interim Report”). The Interim Report summarizes discussions within the PPC on issues surrounding the Act on Protection of Personal Information (APPI) from November 2023 to June 2024. The Interim Report is in accordance with amendments made to the APPI in 2020 requiring the PPC to review the provisions of the APPI every three years.

In Cybersecurity, Data and Tech

Portuguese DPA to issue only provisional authorizations for cross-border transfers of personal data to the US

November 2, 2015 by Ricardo Henriques 3 Mins Read

On October 23, 2015, the Portuguese Data Protection Authority issued a statement on transfers of personal data to the US which invalidated the European Commission decision 2000/520 / EC (Safe Harbor Decision),

In Austria

Frequently Asked Questions on the Judgment of the CJEU on the US/EU Safe Harbor Program

October 9, 2015 by Brian Hengesbaugh, Julia Kaufmann and Anne-Marie Allgrove 10 Mins Read

The Court of Justice of the European Union, following the opinion of the Advocate General, invalidated European Commission Decision 2000/520 dated July 27, 2000, which allowed transfers of personal data to US companies that self-certified under the US/EU Safe Harbor Program.

In Central-Western Europe

Germany Fines Two Companies for Unlawful Transfer of Customer Data as Part of an Asset Deal

October 8, 2015 by Prof. Dr. Wolfgang Fritzemeyer, Julia Kaufmann and Matthias Scholz 7 Mins Read

The Bavarian Data Protection Authority (DPA) in Germany has fined two implicated companies – both seller and purchaser – for unlawfully transferring customer data as part of an asset deal.

In Asia-Pacific

Introduction of significant amendments to Japan’s Privacy Law

September 4, 2015 by Daisuke Tatsuno and Kensaku Takase 3 Mins Read

On 3 September 2015, extensive amendments were introduced to the law in Japan which deals with the protection of personal information, “The Act on the Protection of Personal Information”.

In Cybersecurity, Data and Tech

Hungary Imposes New Mandatory Data Breach Registry Requirements

July 15, 2015 by Adam Liber 2 Mins Read

The Hungarian Parliament has recently adopted an amendment (Act No CXXIX of 2015) to the Information Act that will provide regulation regarding how data controllers must treat data breach incidents. Under the amendment, a data breach incident is any unauthorized processing of data, including the unauthorized access, alteration, unauthorized transfer,…