Israel Privacy Protection Bill Includes Steep Sanctions - and a DPO

On January 6, 2022, the Israeli government released a long anticipated bill amending and updating Israel’s 1981 Privacy Protection Act (PPA) (the Bill). If passed, the Bill would constitute the most comprehensive update of the PPA in more than two decades. Primarily, the Bill greatly enhances the enforcement and investigation…

Read More

Israel's Privacy Regulator Relaxes Onward Transfers Restriction

In a draft opinion published today, the Israeli Privacy Protection Authority (IPPA) relaxed one of the most stringent requirements under Israel’s data protection law, which for years cast doubts over the legality of any onward transfer in case of a data transfer from Israel. The opinion states that onward transfers…

Read More

The Year Ahead: Privacy Developments in 2022

Now that 2021 came to a close, what does our crystal ball predict for privacy developments in 2022? Here’s a quick rundown. Law and policy developments In 2022, expect an avalanche of new laws and regulations, attempting to govern and impose order on a dizzying array of tech developments. New…

Read More

The UK’s Newly Assertive FCA pushes Google to Check Fintech Companies’ Drive Into Europe

The UK’s Newly Assertive FCA pushes Google to Check Fintech Companies’ Drive Into Europe Subject to mounting pressure from UK lawmakers and regulators, in June 2021 Google announced a new policy that could limit the ability of US fintech companies to advertise in the UK – a key market for…

Read More

Critical Log4j Vulnerability Wreaks Havoc Across Cyberspace

In what is likely the largest industry-wide vulnerability since the SolarWinds Orion flaw uncovered late last year, a critical software bug was recently discovered within Apache Log4j, an open-source logging utility widely used in business software development. A long list of technology companies have already reported being affected, including such…

Read More

Thirty-Six Hour Breach Notification Rule Puts Banking Organizations on Notice

In response to the growing threat to financial stability posed by cybersecurity incidents, the Office of the Comptroller of the Currency (OCC), the U.S. Department of the Treasury, the Federal Reserve Board, and the Federal Deposit Insurance Corporation (FDIC) (collectively, the “agencies”) published a rule titled “Computer-Security Incident Notification Requirements…

Read More

ICO Issues Opinion on Data Protection and Privacy Expectations for Online Advertising Proposals

On 25 November 2021, the UK Information Commissioner’s Office (“ICO”) published an Opinion on Data Protection and Privacy Expectations for Online Advertising Proposals (“Opinion”). The Opinion emphasizes several data protection concerns relating to behavioural advertising and sets out overarching expectations that companies must meet to safeguard people’s privacy online when…

Read More

Approaching Deadline for Data Controller Registration and Representation Requirements in Turkey

Data controllers processing personal data in Turkey must register with the Turkish Data Controllers Registry, “VERBIS”, to notify the Turkish Data Protection Authority (“DPA”) of their processing activities by 31 December 2021, under penalty of a fine. In addition, data controllers not established in Turkey (“foreign controllers”) will need to…

Read More

EDPB Defines a "Transfer" Under the GDPR

On 18 November 2021 the European Data Protection Board (“EDPB”) released its Guidelines 05/2021 on the Interplay between the application of Article 3 and the provisions on international transfers as per Chapter V of the GDPR (“Guidelines”) for public consultation.  The Guidelines clarify one of the most vexing issues in…

Read More

Québec Adopts New Comprehensive Data Protection Law

On September 22, 2021, Bill 64, the Act to Modernize Legislative Provisions respecting the Protection of Personal Information[1] (the “Act”) received royal assent in Québec.  This important and comprehensive new data protection law will usher in significant changes to the protection of personal data in Québec, bringing the privacy regulatory…

Read More