Tech, Data, Telecoms & Media updates

Austria

Contributed by Schoenherr
Influencer marketing – Advertising Council adopts specific rules
  • Austria
  • 15 March 2019

'Influencer marketing' means taking advantage of bloggers and other persons who have their own social media channels to promote goods and services. While the concept of transmitting arguably hidden advertising is problematic, there are many variations of this and the lines between hidden advertising and personal opinion are often blurred. As such, the Advertising Council recently issued guidelines for dealing with influencer marketing as a specific means of marketing communication.

GDPR implementing legislation in Austria
  • Austria
  • 07 December 2018

The EU General Data Protection Regulation (GDPR) has created a new understanding and awareness of data protection. Despite being a directly applicable legal act, the GDPR has created significant work for the Austrian federal legislature, which has chosen to impose it by implementing the narrow but general Data Protection Act and introducing amendments to ordinary legal acts individually. However, these amendments are essentially limited to wording adjustments and restrictions on data subjects' rights.

DPA's strict view on retention periods
  • Austria
  • 25 September 2018

The Austrian Data Protection Authority (DPA) recently published its first decision on retention periods following the enactment of the General Data Protection Regulation. The decision is final. The DPA had to decide how long a telecoms service provider must retain so-called 'master data' – that is, data required for the controller's legal relationship with the users of its services.

Privacy-related representations in M&A agreements
  • Austria
  • 15 May 2018

Companies regularly store information about their customers, clients, employees, investors, partners and vendors. Privacy and data security are therefore important aspects of most M&A transactions. Although the risk of non-compliance with privacy laws may result in severe negative consequences, many M&A agreements still lack adequate privacy-related representations and warranties.

Proposals to alter national Data Protection Act
  • Austria
  • 24 April 2018

Members of Parliament recently filed an application to amend the Data Protection Act 2018 in order to clarify certain aspects which have led to confusion over the past couple of months. In addition to several provisions relating to competence, the proposed act, among other things, contains a rephrased version of the fundamental right to data protection, introduces the mandatory appointment of data protection officers and suggests enabling the matching of images with explicit consent.


Bermuda

PIPA and GDPR: new regulations protecting personal information
Carey Olsen Bermuda
  • Bermuda
  • 03 July 2018

The Personal Information Protection Act (PIPA) was introduced to regulate and protect the use of personal information and embodies eight core privacy principles which are internationally recognised and accepted. As with the PIPA, the General Data Protection Regulation (GDPR) was enacted to govern the use of personal information and data. Bermuda companies should seek legal advice to determine whether the GDPR applies to their operations and, if so, how.


Brazil

New data protection law enacted
BMA Barbosa Mussnich Aragao
  • Brazil
  • 18 September 2018

The president recently approved, with a partial veto, the Project for a General Law regarding Data Protection. The law will regulate the processing of personal data in Brazil. Even though this adaptation may be costly and time consuming, the enforcement of the law is expected to guarantee greater protection of personal data, increasing confidence in Brazil's economic environment.


China

Contributed by AnJie Law Firm
PBoC proposes new rules to regulate collection and processing of personal financial information
  • China
  • 08 November 2019

The People's Bank of China recently issued the Trial Measures for the Protection of Personal Financial Information/Data (Preliminary Draft) to relevant commercial banks in order to solicit their opinions. It has been reported that under the trial measures, banks and other financial institutions will be unable to obtain personal financial information from third parties that are illegally engaged in personal credit investigation activities.

Guiding Opinions on Promoting the Development of the Network Security Industry published for public comment
  • China
  • 01 November 2019

The Ministry of Industry and Information Technology recently published the Guiding Opinions on Promoting the Development of the Network Security Industry for public comment. According to the opinions, the ministry aims to have a number of cybersecurity enterprises generating an annual revenue of over Rmb2 billion by 2025. As such, the opinions provide a list of recommendations to that end.

Educational apps must be officially registered by end of 2019
  • China
  • 25 October 2019

The Ministry of Education and seven other authorities recently published the Opinions on Guiding and Regulating the Orderly and Healthy Development of Educational Apps. The aim is that all educational mobile apps will be registered by the end of 2019. To this end, providers of such apps must file details of their apps with provincial education administrations and adhere to data protection rules.

Regulations on Network Eco-governance issued for public comment
  • China
  • 18 October 2019

The Cyberspace Administration of China recently published the draft Regulations on Network Eco-governance for public consultation. The regulations apply to the actions of network information content producers, network information content service platforms and network information content service users, which are prohibited from producing illegal or harmful information.

Email addresses and location information likely to fall within scope of 'personal information'
  • China
  • 11 October 2019

The draft Civil Code was recently submitted to the Standing Committee of the 13th National People's Congress for a third reading. Compared with the first and second drafts, the third draft expands the scope of the definition of 'personal information' to cover email addresses and location information.


Croatia

GDPR implementation grows nearer: will Croatia be ready?
Macesic & Partners
  • Croatia
  • 27 February 2018

The European Commission's recent communication shows that only two member states have adopted the national legislation required to implement the EU General Data Protection Regulation. Others, Croatia included, are at different stages of the process. To meet the May 25 2018 deadline, Croatia should promptly address its national approach to open issues – in particular, its policies surrounding administrative fines.