U.S.-based multinationals with employees in the People’s Republic of China are confronting a November 30 deadline to implement China’s new cross-border data transfer mechanism—the Standard Contract.
With presidential assent granted on August 11, 2023, for India’s Digital Personal Data Protection Act, 2023, India joined the ranks of dozens of jurisdictions globally that have enacted comprehensive data protection laws.
Even when they establish rules and policies prohibiting the improper use of their customers’ private information, employers may be found vicariously liable when their employees violate s. 1 of British Columbia’s Privacy Act.
The Brazil Data Protection Agency (“ANPD”) on August 15, 2023 released a draft of the International Transfer of Personal Data Regulation and the standard contractual clauses for public comment.
The Office of the Privacy Commissioner of Canada revised its guideline, Privacy in the Workplace, which addresses employee rights and workplace obligations with respect to employee personal information under federal privacy legislation.
The new Data Privacy Framework offers multinational employers a streamlined mechanism for transferring the personal data of EU personnel from subsidiaries in the EU to the parent corporation and its subsidiaries and affiliates in the United States.
On May 24, 2023 (or as we like to call it, the eve of GDPR’s 5th birthday), the UK’s data protection body, the Information Commissioner’s Office (the ICO), published a new guide for employers on responding to data subject access requests (DSARs).
On July 6, 2023, the first sanction imposed by the Brazilian Data Protection Agency (“ANPD”) against a company (controller) in Brazil was published in the official gazette.
On June 30, 2023, a California court enjoined until March 29, 2024, enforcement of the final regulations implementing the California Privacy Rights Act (CPRA).