Arendse Huld writes: China has been expanding its legal framework for cybersecurity and data protection in recent years, with further advancements seen in 2023. This year witnessed the refinement of legal requirements governing the procedures to export personal information (PI), bringing further clarity to the responsibilities and accountabilities of companies. At the same time, 2023…
Category: Non-U.S.
EDPB Publishes Guidelines to Clarify Scope of EU “Cookie” Notice and Consent Requirements
Hunton Andrews Kurth writes: On November 16, 2023, the European Data Protection Board (“EDPB”) published its Guidelines 2/2023 on the Technical Scope of Art. 5(3) of the ePrivacy Directive (the “Guidelines”). Article 5(3) of the ePrivacy Directive is most commonly known for establishing the cookie notice and cookie consent requirements in the EU. That said, Article 5(3)…
UK: Former NHS secretary found guilty of illegally accessing medical records
From the Information Commissioner’s Office: A former NHS employee has been found guilty and fined for illegally accessing the medical records of over 150 people. Loretta Alborghetti, from Redditch, worked as a medical secretary within the Ophthalmology department at Worcestershire Acute Hospitals NHS Trust when she illegally accessed the records. In June 2019, a complaint…
ICO seeks permission to appeal against Clearview AI tribunal ruling
Martyn Landi reports: The UK’s data protection watchdog is seeking permission to appeal against the decision of a tribunal to overturn a data privacy fine handed out to facial recognition firm Clearview AI. The Information Commissioner’s Office (ICO) said it believes the tribunal incorrectly interpreted the law when overturning a £7.5 million fine handed out…