Since the enactment of Singapore’s Cybersecurity Act (Act) in August 2018, the digital battlefield has transformed dramatically. The nation’s move towards digitalisation has not only spurred the growth of Singapore’s digital economy but also brought new cyber threats and challenges to the fore.

Given this, the Cyber Security Agency of Singapore (CSA

Continue Reading Imminent Changes to Singapore’s Cybersecurity Act: New Obligations on Service Providers

We (finally) have more clarity as to the next steps in the long-awaited reform of the Australian Privacy Act.

As we noted back in February this year (see here), the Attorney-General’s Department recommended a number of changes to Australia’s core privacy regime, which saw its last major overhaul in 2014.

The Australian Government

Continue Reading Australia – next stages in the Privacy Act review confirmed

Dear subscriber, 

Thank you for subscribing and being a part of DLA Piper’s Data Protection, Privacy and Cybersecurity community. We appreciate your continued engagement with our insights and the evolving nature of the landscape.

Our goal for this blog is to help you navigate all aspects of data protection, privacy, and cybersecurity laws, while considering

Continue Reading We’re now seamlessly global. Here’s what to expect. 

Authors: Carolyn Bigg, Gwyneth To and Rachel De Souza

Start preparing now to comply with India’s new data protection law. While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be

Continue Reading India: New Digital Personal Data Protection Act, Start Planning Now.

Helpful guidance on some previously uncertain areas of China data protection compliance programmes have been provided by the Administrative Measures for Personal Information Protection Compliance Audit (Draft for Comment) (“Draft Measures”), which were published for public consultation on 3 August 2023 by the Cyberspace Administration of China (“CAC”).

The Draft Measures

Continue Reading CHINA: uncertainties helpfully clarified on various key data compliance activities

To add to the compliance burden, new mandatory, periodic and detailed data protection compliance audits have now been proposed in China, with measures beyond the usual governance/compliance audit compliance steps expected under other data protection frameworks, and a duty to report the audit results to the China data authorities.

On 3 August 2023, the Cyberspace

Continue Reading CHINA: new mandatory data protection compliance audits proposed

Author: Sarah Birkett

Cyber Security Strategy discussion paper launched

This week saw the launch of a discussion paper for the Australian Government’s 2023-2030 Australian Cyber Security Strategy. The discussion paper refers to the lofty aim of making Australia the most cyber secure nation by 2030.

The discussion paper, which acknowledges that the Australian Government was
Continue Reading Australia: Cyber security round-up – new Cyber Security Strategy, data breach stats and more

Authors: Andreas Rüdiger, Philipp Adelberg

The debate on transatlantic data transfers, a possible adequacy decision for the US and the EU-US Data Privacy Framework (“DPF“) is gaining new momentum. On 14 February 2023, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs published its draft motion for a resolution regarding
Continue Reading EU – US adequacy decision: Update

Authors: Carolyn Bigg, Amanda Ge, Venus Cheung, and Gwyneth To

Summary: The final version of the China SCCs has now been published, meaning those organisations that haven’t had to apply for CAC approval for their cross-border transfers of personal information now have until 1 December 2023 to:

  • sign the China SCCs with


Continue Reading CHINA: Final China SCCs for CBDT published – What you need to know

Authors: Sarah Birkett, Nicholas Boyle

The Australian Attorney-General has published the (long-awaited) results of the Privacy Act review.

The report recommends a number of changes to the Australian privacy framework, including various changes to Australia’s core privacy legislation, the Privacy Act 1988 (Cth).

The report does not represent official Government policy and there is
Continue Reading Australia Privacy Act review – a blueprint for change?