Latest updates

Draft e-ID Act to be prepared by Summer 2018
Walder Wyss
  • Switzerland
  • November 28 2017

Switzerland is in the process of adopting legislation on electronic identification. The Federal Council published a preliminary draft e-ID Act and opened it for consultation by any interested actors. The Federal Council recently shared the consultation findings and commissioned the Federal Department of Justice and Police to prepare a revised draft act by Summer 2018.

Court finds no crime coverage for computer fraud losses
Hunton & Williams LLP
  • USA
  • November 14 2017

The US District Court for the District of New Jersey recently granted Travelers' motion to dismiss Posco Daewoo America Corporation's suit for coverage under the computer fraud provision of its crime insurance policy. Daewoo had sought coverage for amounts that had been designated for payment to it by a third-party supplier and stolen after a criminal impersonated a Daewoo employee. The court held that the crime policy did not cover the lost sums because Daewoo had not owned the stolen money.

GDPR: how accountancy firms can prepare for enhanced regime
DAC Beachcroft
  • United Kingdom
  • November 14 2017

Data protection law is set for a radical overhaul in 2018 and accountancy firms should be preparing now for the changes and the compliance challenges that this will bring. The EU General Data Protection Regulation (GDPR) is an attempt to harmonise data protection laws across Europe. The United Kingdom's recently announced Data Protection Bill (which will replace the existing Data Protection Act) will transpose the GDPR into UK law and will be applicable despite Brexit.

Facing privacy suits about facial recognition
Hunton & Williams LLP
  • USA
  • October 31 2017

Recent judicial interpretations of the Illinois Biometric Information Privacy Act present potential litigation risks for retailers that employ biometric-capture technology. Federal judges in various district courts have allowed cases to move forward against companies such as Facebook, Google and Shutterfly, and retailers that use biometric data may also become litigation targets as federal judges decline to narrow the statute's applicability and additional states consider passing copycat statutes.

Data Protection Bill 2017: implications for employers on first reading
DAC Beachcroft
  • United Kingdom
  • October 17 2017

The EU General Data Protection Regulation left room for member states to introduce their own laws in certain areas, including in relation to employment law. As such, the government has now released the draft Data Protection Bill, which is the first glimpse of what will eventually evolve into the Data Protection Act 2018. The bill does not contain major surprises from an employer's perspective, but there is increasing emphasis on the importance of policy documents and record keeping.

Federal Council publishes draft of revised Federal Data Protection Act
Walder Wyss
  • Switzerland
  • October 03 2017

The Federal Council recently issued a draft of the revised Federal Data Protection Act. This draft marks yet another decisive step towards the overhaul of the Swiss data protection landscape. The act's revision is an ongoing process intended to modernise Switzerland's data protection landscape and align it with revised EU legislation.

General Data Protection Regulation – what are the implications for employers as data controllers?
DAC Beachcroft
  • United Kingdom
  • September 26 2017

The government recently issued a statement of intent to publish a new Data Protection Bill. The bill will bring into law the EU General Data Protection Regulation, which takes effect in the United Kingdom in May 2018 and will be the most comprehensive overhaul of data protection law this generation. The new regime for handling personal data has challenges for employers in their capacity as data controllers with increased rights for individuals and enhanced fines for non-compliance.

Hangzhou Internet Court inaugurated
  • China
  • September 26 2017

The Hangzhou Internet Court was recently inaugurated. It has first-instance jurisdiction over a range of disputes, including contract disputes arising from online shopping services and small loans, disputes over internet copyright ownership and infringement, and product liability claims for goods purchased online. This move comes after the Supreme People's Court piloted a programme in May 2017 which granted the Hangzhou Railway Transport Court jurisdiction over five categories of internet-related civil cases.

Upcoming revisions in telecoms sector
  • Switzerland
  • September 12 2017

The telecoms sector is on the move, with numerous revisions being made to upcoming legislation. The first to enter into force is the revision of the Intelligence and Security Act, followed by the revision of the Lawful Interception Act. The other revisions have yet to reach Parliament. The pending revisions request that providers remain alert and continually adapt their processes in order to remain compliant.

Data Protection Authority guides the way
  • Turkey
  • September 05 2017

The Data Protection Authority recently published two guidelines on the implementation of Law 6698 on the Protection of Personal Data on its website. Although these guidelines are not pieces of legislation or legally binding, they include detailed information on the implementation of data protection concepts and procedures regulated under the law. Therefore, it is important to review these guidelines to understand the Data Protection Authority's perspective on data protection-related obligations.

Enforcement of amended personal information protection regime
  • Japan
  • August 29 2017

The widely publicised amendments to the Act on the Protection of Personal Information recently came into force. In addition to changing how companies must handle personal information, the amendments reflect a significant shift in how such obligations are regulated and enforced. They also mark the establishment of the Personal Information Protection Commission, which will be the regulatory body responsible for managing and ensuring compliance with the amended act.

How to enter online consumer market without setting foot in Russia
  • Russia
  • August 08 2017

For companies that are interested in entering the Russian market, but reluctant to establish a physical presence in the country, an online presence can be a viable alternative. The legal requirements for selling goods to Russian customers online are similar to those of other countries. In addition to complying with the mandatory requirements of Russian law, sellers should also make use of the benefits offered therein.

Upcoming secondary legislation on data protection
  • Turkey
  • June 20 2017

Following the enactment of Law 6698 on the Protection of Personal Data, Turkey is preparing relevant secondary legislation. The Draft Regulation on the Data Controllers' Registry and the Draft Regulation on the Erasure, Destruction or Anonymisation of Personal Data were recently published on the website of the Data Protection Authority (DPA) for public consultation. The DPA is also organising meetings with the public and private sectors to gather their opinions and comments on the regulations.

Draft Data Protection Amendment Act 2018 in appraisal
Schoenherr Attorneys at Law
  • Austria
  • May 30 2017

Approximately one year before the General Data Protection Regulation will come fully into force, the Austrian legislature has officially started a six-week consultation process for the national Data Protection Amendment Act 2018. If and to what extent the legislature will make use of the competencies provided for by the 'opening clauses' in the General Data Protection Regulation is highly relevant to companies, and the amendment act has answered this question.

Cyber-insurance, privacy and data security newsletter – May 2017
DAC Beachcroft
  • United Kingdom
  • May 23 2017

The cyber threat to UK businesses is ever increasing, particularly as hackers develop new variants and methods with which to target businesses. Businesses need to regard cybersecurity as a priority and should have risk management strategies in place to prepare and rehearse for cyber and data breach incidents.

ICO consultation: GDPR consent guidance
DAC Beachcroft
  • United Kingdom
  • May 09 2017

The Information Commissioner's Office consultation on its draft General Data Protection Regulation Consent Guidance recently ended. Of key relevance to the insurance sector is the position that consent should not be a precondition of a service. As an insurance policy cannot be provided without 'explicit consent', the consent will have to be 'conditional'; that is, individuals will have to be told that if they do not consent, they cannot take out the policy.

Subject access requests: four key cases
DAC Beachcroft
  • United Kingdom
  • April 25 2017

Four significant decisions have recently affected how data controllers respond to subject access requests (SARs) under the Data Protection Act 1998. In one case, the court declined to enforce further compliance with a SAR as the data controller had already carried out proportionate searches and properly applied the privilege exemption. In the others, it considered the limits on a data controller's obligations when responding to a SAR.

Consequences of failure to meet data security obligations
  • Turkey
  • April 04 2017

Under the Data Protection Law, data controllers must take all necessary technical and administrative measures to ensure an adequate level of security to prevent unlawful processing of and access to personal data and to safeguard such data. Data controllers should provide the required supervision within their own institution or agency or outsource this service to an independent third party to ensure compliance with the Data Protection Law.

General Data Protection Regulation in Jersey: what is it, why should I care and what should I do about it?
  • Jersey
  • April 04 2017

While the media's attention has recently been lavished on Brexit and President Trump, there is one news story that will affect businesses across Jersey sooner than might be expected: the implementation of the General Data Protection Regulation. Jersey businesses must ensure that they comply with the new regulation when it comes into force in May 2018. That means starting work now to assess the impact of the regulation and decide what changes will be needed to ensure compliance.

Obligation to provide information to data subjects
  • Turkey
  • January 24 2017

One of the many obligations imposed on data controllers by Law 6698 on the Protection of Personal Data is to provide certain information to data subjects during the collection of their personal data, including the identity of the data controller and its legal representative and to whom and for what purpose the processed personal data can be transferred. These provisions are in line with the EU Data Protection Directive (95/46/EC), with certain distinctions.

Current search

Refine search

Type

Work area

Jurisdiction

Firm