Recently, the Cyberspace Administration of China (CAC), which is the primary data regulator in China, published a newsletter about the government authorities’ enforcement of Apps and websites that violated personal data protection and cybersecurity laws during the year 2024.
Based on the official statistics, during 2024, the CAC interviewed 11,159 website platforms, imposed warnings or
The seventh annual edition of DLA Piper’s GDPR Fines and Data Breach Survey has revealed another significant year in data privacy enforcement, with an aggregate total of EUR1.2 billion (USD1.26 billion/GBP996 million) in fines issued across Europe in 2024.
Ireland once again remains the preeminent enforcer issuing EUR3.5 billion (USD3.7 billion/GBP2.91 billion) in fines since
A much-anticipated Opinion from the European Data Protection Board (EDPB) on AI models and data protection has not resulted in the clear or definitive guidance that businesses operating in the EU had hoped for. The Opinion emphasises the need for case-by-case assessments to determine GDPR applicability, highlighting the importance of accountability and record-keeping, while also
On 20 November 2024, the EU Cyber Resilience Act (CRA) was published in the Official Journal of the EU, kicking off the phased implementation of the CRA obligations.
What is the CRA?
The CRA is a harmonising EU regulation, the first of its kind focusing on safeguarding consumers and businesses from cybersecurity threats. It is a
Déjà vu in the world of UK data law: the Labour government has proposed reforms to data protection and e-privacy laws through the new Data (Use and Access) Bill (“DUAB”). The DUAB follows the previous government’s unsuccessful attempts to reform these laws post-Brexit, which led to the abandonment of the Data Protection and Digital
The Irish Data Protection Commission (DPC) has welcomed X’s agreement to suspend its processing of certain personal data for the purpose of training its AI chatbot tool, Grok. This comes after the DPC issued suspension proceedings against X in the Irish High Court. The DPC described this as the first time that any Lead Supervisory
In the rapid development of artificial intelligence (“AI”), regulators are playing catch up in creating frameworks to aid and regulate its development.
As the AI landscape begins to mature, different jurisdictions have begun to publish guidance and frameworks. Most recently, on 11 June 2024, Hong Kong’s Office of the Privacy Commissioner for Personal Data (“PCPD”)
The Data Protection Commission (DPC) has published its 2023 Annual Report, highlighting a record year with DPC fines accounting for 87% of all GDPR fines issued across the EU. A busy year for the DPC also saw a 20% increase in reported personal data breaches as Helen Dixon steps down after 10 years in
In the UK, there is currently heightened regulatory scrutiny and increased public interest in children’s data protection and online harm, with a raft of new guidance and regulation from both the ICO and Ofcom, the chief regulator of the Online Safety Act, in relation to children’s safety online.
Since the introduction of the ICO’s Children’s
The next steps in Australia’s long bubbling reform of the privacy regime has been announced, with draft legislation expected to be tabled by August 2024. The reform is being presented as part of the Federal Government’s efforts to improve online safety, particularly for women, but it’s not clear how broad its remit will be at