Catagory:Government Regulation, Legislation & Enforcement

1
CJEU Upholds EDPB’s Authority to Order Broader Investigations in Cross-Border Cases
2
EU Updates Codes of Conduct on Countering Illegal Hate Speech Online
3
Mass. SJC Limits Website Tracking Technology Claims Under Wiretap Act
4
Australian Privacy Reform Series Refresher: What Are These Reforms?
5
Disclosure Obligations for Cyber Ransom Payments: A New Cyber Security Act is Coming
6
Modern Adtech Regulated Under Antiquated Law: How Video Killed the Internet Star
7
Security of Critical Infrastructure – Adoption of Cyber Security Framework and Mandatory Reporting Deadline Approaches While the Regulator Moves From “Education” to “Enforcement” Mode
8
ASIC and OAIC’s New Information Sharing MoU: What You Need to Know
9
Decree No. 2024-388 and Its Implications for Intermediation Platforms
10
Anticipated Tightened Data Privacy Regulations: Raid on Worldcoin

CJEU Upholds EDPB’s Authority to Order Broader Investigations in Cross-Border Cases

By: Claude-Étienne Armingaud and Josefine Beil

In a landmark judgment delivered on 29 January 2025, the General Court of the European Union has affirmed the European Data Protection Board‘s (EDPB) authority to require national supervisory authorities to broaden their investigations in cross-border data protection cases.

Read More

EU Updates Codes of Conduct on Countering Illegal Hate Speech Online

By: Claude-Etienne Armingaud, Thomas Nietsch and Andreas Müller

The European Commission has strengthened its framework for combating illegal hate speech online through an enhanced Code of Conduct, building upon the success of its 2016 predecessor. This updated version, known as the Code of Conduct on countering illegal hate speech online +, aligns with the Digital Services Act (DSA) and represents a significant step forward in the EU’s efforts to create a safer digital environment.

Read More

Mass. SJC Limits Website Tracking Technology Claims Under Wiretap Act

By: Christopher Valente and Michael Stortz

In a critical new decision, the Massachusetts Supreme Judicial Court has confirmed that the state’s anti-wiretapping statute does not extend to website tracking technologies. In Vita v. New England Baptist Hospital, the Court held that the state’s 1968 Wiretap Act (Mass. G.L. c. 272, § 99) does not apply to the deployment of online software that collects and transmits information regarding user interactions with websites to third parties.

Read More

Australian Privacy Reform Series Refresher: What Are These Reforms?

By Cameron Abbott, Rob Pulham, and Stephanie Mayhew

In 2023 the Attorney-General’s Department released the “Privacy Act Review Report” (Review Report), which considered whether the Australian Privacy Act 1988 (Cth) and its enforcement mechanisms are fit for purpose in an environment where Australians now live much of their lives online and their information is collected and used for a myriad of purposes in the digital economy.

Read More

Disclosure Obligations for Cyber Ransom Payments: A New Cyber Security Act is Coming

By Cameron Abbott, Rob Pulham, Stephanie Mayhew, Dadar Ahmadi-Pirshahid and Lauren Hrysomallis

A new Cyber Security Act is set to be unveiled in Parliament’s next sitting from 12 August, as reported by the ABC. The proposed Act would require Australian businesses and government bodies to disclose when they make a ransom payment to cybercriminals in the event of a hack, or face penalties of up to AU$15,000 for failing to notify.

Read More

Modern Adtech Regulated Under Antiquated Law: How Video Killed the Internet Star

By Cameron Abbott and Rob Pulham

In their recent article available here, Katie Staba and Corey Bieber from our Chicago office discuss emerging advertising technology issues, including new applications of the California Invasion of Privacy Act and the Video Privacy Protection Act.

Security of Critical Infrastructure – Adoption of Cyber Security Framework and Mandatory Reporting Deadline Approaches While the Regulator Moves From “Education” to “Enforcement” Mode

By Cameron Abbott, Rob Pulham, Damien Timms, Dadar Ahmadi-Pirshahid and Adam Asadurian

Some key compliance dates approach for responsible entities of critical infrastructure assets under the Security of Critical Infrastructure Act (SOCI Act).

Read More

ASIC and OAIC’s New Information Sharing MoU: What You Need to Know

By Cameron Abbott, Rob Pulham, Stephanie Mayhew and Lauren Hrysomallis

ASIC has further focused its attention on the duties of companies and directors with regards to cyber resilience with the signing of a Memorandum of Understanding (MoU) with the Office of the Australian Information Commissioner (OAIC).

Read More

Decree No. 2024-388 and Its Implications for Intermediation Platforms

By Claude-Étienne Armingaud and Kenza Berrada

Digital intermediation service platforms within the sectors of chauffeur-driven transportation and goods delivery have new responsibilities since the enactment of Decree no. 2024-388 on 25 April 2024. Operating under the framework established by Article L. 7345-1 of the French Labor Code, this Decree has initiated a systematic collection and transmission protocol for data concerning platform workers’ activities to the French Employment Platforms Social Relations Authority (ARPE).

Read More

Anticipated Tightened Data Privacy Regulations: Raid on Worldcoin

By Paul Haswell and Sarah Kwong

In late January 2024, Hong Kong’s privacy watchdog, the Personal Data Privacy Commission (“PCPD”) raided six premises of Worldcoin, a cryptocurrency initiative co-founded by Sam Altman, that requires an iris scan from clients for identification purposes and also for earning tokens. The PCPD conducted an investigation into Worldcoin’s operations, suspecting that its sensitive personal data (i.e. iris information) collection practices might infringe the Personal Data Privacy Ordinance (Cap. 486).

Read More

Copyright © 2025, K&L Gates LLP. All Rights Reserved.