On 11 August 2023, after close to a decade since its initial conception, India’s Digital Personal Data Protection Act (Act) received presidential assent, formalising the nation’s first ever comprehensive data protection law.
Definitions
There are several key definitions and references adopted in the Act, as follows:
On July 10, the European Commission formally adopted the EU-U.S. Data Privacy Framework (DPF). The Commission’s adequacy decision (and the documentation package accompanying it, including the FAQ) brings welcome news: for certified DPF participants, personal data can flow between the European Economic Area (EEA) and the United States (U.S.
The Law Commission for England and Wales has published its recommendations for reform of the law on “digital assets”, covering digital files, digital records, email accounts, domain names, in-game digital assets, digital carbon credits, crypto-tokens/cryptocurrencies and non-fungible tokens (NFTs).
The Law Commission’s project reflected concerns that some digital assets do not fit readily within traditional
ChatGPT is a powerful tool for work and study purposes. From an enterprise perspective, being able to find answers to complex questions by simply typing in a prompt is attractive. However, it is essential to consider the veracity of the information obtained. A recent paper published by OpenAI – the developer of ChatGPT – explores
The scale, pace and far-reaching consequences of technological change present significant challenges to lawmakers and regulators around the world. The transformative economic and commercial potential of artificial intelligence and the real-world impact of autonomous and connected vehicles and the internet of things come with significant implications for privacy, intellectual property rights and cybersecurity. To help
The EU adequacy decision in favour of the UK allows the free flow of personal data between the UK and the European Economic Area (the EU member states plus Iceland, Liechtenstein and Norway). Both before and since expiry of the Brexit implementation period businesses have emphasised the crucial importance of maintaining that adequacy decision, pointing
This article was originally published on Privacy World on April 11, 2023 and was updated on June 1, 2023.
Artificial intelligence (AI) depends on the use of “big data” to create and refine the training models from which the AI “learns”. Although concerns have tended to focus on questions such as inherent bias within the
On 8 March 2023 the UK government heralded its new Data Protection and Digital Information (No 2) Bill (the Bill) as a “new common-sense-led version of the EU’s GDPR” that would save the UK economy more than £4 billion over the next 10 years and ensure that privacy and data protection are securely protected”.
The UK’s Electronic Communications (Security Measures) Regulations 2022 (the Regulations) came into force on 1 October 2022, together with the Telecommunications Security Code of Practice (the Code of Practice). The Regulations reflect the increased risk of cyber-attack and data breaches, whether for criminal purposes or by potentially hostile states. They supplement general duties imposed on providers of public electronic communications networks and services by the Communications Act 2003, sections 105A and 105C, and provide Ofcom with new powers to monitor and enforce enhanced obligations affecting:
In a CLE webinar earlier this week, Malcolm Dowden (Partner, London) and Niloufar Massachi (Associate, Los Angeles) discussed evaluating, drafting, and updating vendor agreements to meet the privacy and security requirements of new US privacy laws and the GDPR.
Continue Reading Malcolm Dowden and Niloufar Massachi Discuss Vendor Contracting Requirements Under New US Privacy Laws and the GDPR