Advancing Data Protection in India: The Digital Personal Data Protection Bill, 2023
Big News! 🎉 The Rajya Sabha has approved the Digital Personal Data Protection Bill, 2023 on August 9. This new law introduces stricter rules around handling digital personal information, provides for dedicated officers to address data subject rights, requires methods of redress for individuals, and establishes an Indian Data Protection Board to handle complaints. This law is all about being responsible with data and ensuring fairness in India’s digital world.
🔒 Practical implications following the EU Commission's adequacy decision for the EU-U.S. Data Privacy Framework 🔒
📅 On 10 July 2023, the European Commission adopted its adequacy decision on the EU-U.S. DPF, but what does this mean operationally for transfers from the EU to organizations in the U.S.?
✉️ Transfers of personal data can now be made to U.S. organizations certified as EU-U.S. DPF participants without needing appropriate safeguards like Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs).
📢 WHAT... ⁉️ You may have thought that the CPRA crosses the finishing line this weekend 🏁 BUT...
The Sacramento Superior Court issued a tentative ruling delaying the enforcement of the CPRA regulations. The CPRA is amending the Californian CCPA and especially strengthens data subjects rights. The regulations were issued in March 2023 and should become enforceable on July 1st.
📢 EDPB Adopts Guidelines on Art. 65(1)(a) of GDPR 📚
Great news for privacy enthusiasts. The European Data Protection Board (EDPB) has recently adopted the final version of the Guidelines on the application of Art. 65(1)(a) of the GDPR. These guidelines are designed to provide clarity on the various stages of the Art. 65 procedure and shed light on the EDPB’s authority when issuing legally binding decisions based on Art. 65(1)(a) of the GDPR.
📌 Exciting News: UK and US Commit to Data Bridge, but Details Remain Scarce 🔔
🛡 The UK and US have committed in principle to establish a data bridge, extending the Data Privacy Framework. Although details are limited, this move is seen as an attempt to substantiate the Prime Minister’s visit to the US. The data bridge has the potential to encompass sectors like pharmaceuticals and financial services, which are currently not covered by the Privacy Shield but pose data sensitivity challenges. The extension of the data transfer regime through certification and accountability mechanisms is a positive step, pending further details.