Malaysia Introduces Alternative To Prosecution Of Data Protection Breaches

locked screen

Malaysia has introduced a new mechanism for sanctioning data protection breaches. Under section 132 of the Personal Data Protection Act 2010 supplemented by the Personal Data Protection (Compounding of Offences) Regulations 2016 (“the Regulations”), enacted on 16 March 2016, certain data protection offences may be “compounded” instead of being formally prosecuted. In other words, offenders … Read more

Validity Of Consent Coupled With Free Online Services – Chair Of EDPB Opens A Path

lock with stars

The Austrian Data Protection Authority, headed by the chair of the European Data Protection Board (EDPB), provided a clear way forward for advertising-based business models. Following a complaint against an Austrian newspaper, the Austrian Data Protection Authority (DPA) decided that the prohibition on making the provision of a service conditional on consent (“coupling prohibition”; Article … Read more

Cloud Computing 2015/2016 Baker & Mckenzie Cloud Survey Results

multiple devices

Part of the b:INFORM 2015/2016 Cloud Survey Trend Series Cloud Survey – Tax Perspective  Outsourcing to the Cloud for Financial Institutions  Fast Moving Fronts: 3 Things You Need to Know About How Better, Faster, Cheaper is Impacting Your Enterprise’s Use of the Cloud  Global Enterprises and the Cloud  Integration of Bundled Cloud Offerings  The Importance of Security in the Cloud: Security and … Read more

Ready Or Not, Here It Comes – EU General Data Protection Regulation


After years of consulting, drafting and negotiating at various levels, on 15 December 2015 the final compromise text of the EU General Data Protection Regulation (GDPR) was agreed. What a milestone! Once the European Parliament and Council both adopt the agreed text, the GDPR will officially come into force, which is expected to be January … Read more

5 Basics You Need To Know About Biometrics


Once confined to scientific research and criminal investigations, biometric data is now frequently used in everyday scenarios like building access controls, mobile devices and airport security checks.  It is hailed for enhancing security but it is also feared for invading privacy.   In this post, you will learn five basics you should know about biometrics.  Click here for … Read more

Philippine Government Issues Implementing Rules Under Cybercrime Law

broken data

In August 2015, the Departments of Justice, Interior and Local Government, and Science and Technology of the Philippines jointly issued the administrative rules and regulations (“Implementing Rules”) implementing the Cybercrime Prevention Act of 2012 (“Cybercrime Law”). The government completed the Implementing Rules nearly three years after the Cybercrime Law was passed by the Philippine Congress. … Read more

Four Key Rules For Collecting Biometric Data In A Privacy – Compliant Way


In this post, we provide you with four key rules for collecting biometric data to ensure the collection is privacy-compliant.  While extracted from the recent Guidance on Collection and Use of Biometric Data issued by the Hong Kong Privacy Commissioner and from a 2011 Guidance issued by the Canadian Privacy Commissioner, these rules are of … Read more

GDPR – German Data Protection Authorities Establish New Rules For Whistleblowing Hotlines: Call For Action

three women

In light of the GDPR, the German data protection authorities (German DPAs) have issued new guidance regarding the implementation of whistleblowing hotlines. The new position of the German DPAs is so fundamentally different from their pre-GDPR position that German companies should review, and likely implement changes to, any existing whistleblowing hotlines offered to their employees. … Read more

California – New Data Security Requirements For Manufacturers Of Connected Devices


Effective January 1, 2020, according to a new Cal. Civ. Code § 1798.91.04(a), manufacturers of connected devices offered for sale or sold in California must equip such devices with reasonable security features to protect the device and any information contained in them from unauthorized access, destruction, use, modification, or disclosure.Unlike the GDPR and other data … Read more