Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our summary), the Personal Data Protection Commissioner of Malaysia (“Commissioner”) recently released guidelines that flesh out such requirements, titled the
Continue Reading Malaysia: Guidelines Issued on Data Breach Notification and Data Protection Officer Appointment
Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. Recently, the PDPC provided detailed clarifications on data breach notification requirements by responding to the public consultation, offering essential guidance for
Continue Reading Thailand: PDPC’s Clarification on Personal Data Breach Notification
The seventh annual edition of DLA Piper’s GDPR Fines and Data Breach Survey has revealed another significant year in data privacy enforcement, with an aggregate total of EUR1.2 billion (USD1.26 billion/GBP996 million) in fines issued across Europe in 2024.
Ireland once again remains the preeminent enforcer issuing EUR3.5 billion (USD3.7 billion/GBP2.91 billion) in fines since
Continue Reading EU: DLA Piper GDPR Fines and Data Breach Survey: January 2025
Additional and clarified data compliance obligations will soon come into force under the long-awaited Network Data Security Management Regulation (“Regulation“), which was released on 30 September 2024. The Regulation is formulated under the existing data protection framework pillars of the Cyber Security Law, the Data Security Law and the Personal Information Protection Law
Continue Reading CHINA: Enhanced and clarified data compliance obligations on handlers of “network data”, covering personal information and important data, and operators of online platforms from 1 January 2025
The Data Protection Commission (DPC) has published its 2023 Annual Report, highlighting a record year with DPC fines accounting for 87% of all GDPR fines issued across the EU. A busy year for the DPC also saw a 20% increase in reported personal data breaches as Helen Dixon steps down after 10 years in
Continue Reading Ireland: DPC Issues Record 87% of EU GDPR Fines in 2023; Breach Reports Increase by 20%Overview
On February 21, 2024, the California Attorney General (CA AG) announced that it had reached a settlement with DoorDash over allegations that the company failed to comply with “sale” requirements under the California Consumer Privacy Act (CCPA) and disclosure requirements under the California Online Privacy Protection Act (CalOPPA). The settlement requires DoorDash to pay
Continue Reading California Attorney General Settles with DoorDash over Alleged Sale of Personal InformationIn our highly connected world, technology and data have become increasingly material to most companies, regardless of industry or sector.
Continue Reading US: New SEC Cyber Rules — A Deep Dive into Cybersecurity Processes to Support Accurate and Complete Disclosures
Dear subscriber,
Thank you for subscribing and being a part of DLA Piper’s Data Protection, Privacy and Cybersecurity community. We appreciate your continued engagement with our insights and the evolving nature of the landscape.
Our goal for this blog is to help you navigate all aspects of data protection, privacy, and cybersecurity laws, while considering
Continue Reading We’re now seamlessly global. Here’s what to expect.Author: Carolyn Bigg
Are we seeing a return of proactive enforcement of Hong Kong’s data protection laws, after a lull in recent years?
On 14 November 2022, the Office of the Privacy Commissioner for Personal Data (“PCPD”) published two investigation reports for non-compliance of the Personal Data (Privacy) Ordinance (“PDPO”):
Author: Sarah Birkett
Anyone with a passing interest in Australian privacy laws will no doubt have heard about the Optus data breach. The incident, which was made public in late September 2022, is thought to have affected around 9 million individuals (almost 40% of the Australian population), with identity documents relating to approximately 2.22 million
Continue Reading AUSTRALIA: Likely increase in maximum penalties for privacy breaches
