Authors: Andreas Rüdiger, Philipp Adelberg

The debate on transatlantic data transfers, a possible adequacy decision for the US and the EU-US Data Privacy Framework (“DPF“) is gaining new momentum. On 14 February 2023, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs published its draft motion for a resolution regarding
Continue Reading EU – US adequacy decision: Update

Authors: Carolyn Bigg, Amanda Ge, Venus Cheung, and Gwyneth To

Summary: The final version of the China SCCs has now been published, meaning those organisations that haven’t had to apply for CAC approval for their cross-border transfers of personal information now have until 1 December 2023 to:

  • sign the China SCCs with


Continue Reading CHINA: Final China SCCs for CBDT published – What you need to know

Authors: Sarah Birkett, Nicholas Boyle

The Australian Attorney-General has published the (long-awaited) results of the Privacy Act review.

The report recommends a number of changes to the Australian privacy framework, including various changes to Australia’s core privacy legislation, the Privacy Act 1988 (Cth).

The report does not represent official Government policy and there is
Continue Reading Australia Privacy Act review – a blueprint for change?

Author: Carolyn Bigg, Yue Lin Lee

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia.

Whilst there is a two-year transition period, businesses with Indonesian operations or which process the personal data of Indonesian citizens should now make
Continue Reading INDONESIA: Personal Data Protection Law PDPL Now in Force

Authors: Alexa Smith, James Clark, Robyn Palmer, Jamie Sanderson

The UK Government has published its long-awaited ‘Data Protection and Digital Information Bill’. The Bill will reform areas of UK data protection and electronic privacy law, and will also introduce new regulatory frameworks, most notably in the field of digital identity
Continue Reading UK: New Data Protection and Digital Information Bill

Authors: Carolyn Bigg, Venus Cheung, Fangfang Song

The new “Administrative Regulations on Algorithm Recommendation of Internet Business Services” comes into force on 1 March 2022, and will introduce important rules on the use of algorithms when operating digital platforms/websites/apps – including targeted marketing – in China. The new regulations are designed to ensure
Continue Reading China: new rules on use of algorithms for digital business, data analytics and decision-making