Singapore is planning key updates to its data privacy law, bringing the country more closely in line with the EU, Australia, and other regions that have strictly regulated the use and sharing of online personal information. Multinationals doing business with the island nation should review their procedures for collecting and processing personal data to ensure they are in compliance before the changes become law.
On 16 July 2020, the European Court of Justice found that the EU-U.S. Privacy Shield fails to protect individuals’ rights to privacy. As a result, data transfers using the Privacy Shield mechanism are no longer GDPR-compliant.
Many European countries are turning to contact-tracing apps to reduce coronavirus transmission, but the apps have raised data-privacy concerns. Governments are moving ahead with the technology, struggling to achieve a balance between public safety and citizen privacy.
The UK Supreme Court ruled that a supermarket chain was not liable for a data breach caused by a disgruntled employee. The ruling is narrow, however, and employers must consider a number of factors in its wake.
The California Consumer Privacy Act (CCPA) goes into effect 1 January 2020. The Act will affect many if not most U.S. businesses and many companies worldwide. It takes a strict view of what constitutes private data and provides for a variety of penalties, some of them severe.
Germany’s first GDPR fine underscores the willingness of authorities to enforce the law, but its relatively low amount may also indicate leniency for companies that take swift corrective action.
Not long after the EU’s General Data Privacy Protection Regulation (GDPR) came into force, the Brazil president sanctioned bill PLC 53/2018 (Brazilian Data Protection Law, or the Bill), which regulates the protection, collection and processing of personal information by both private companies and public authorities.
The German-language chat platform Knuddels has been fined 20,000 euros by German data protection authorities after a breach in which the personal information of about 330,000 users was stolen.
Effective September 4, 2018, new cybersecurity rules went into effect for covered entities regulated by the New York State Department of Financial Services (NYDFS).
Updates have been to the California Privacy Act and will become effective January 1, 2020.
Italian privacy law incorporated the EU General Data Protection Regulation as of September 19, 2018.
Updates to employment law in Ireland include the the Parental Leave (Amendment) Bill 2017, which has changed leave entitlements from 18 to 26 weeks.