Technology and data privacy Global perspectives
|
|
- John Walters
- 5 years ago
- Views:
Transcription
1 Technology and data privacy Global perspectives Anna Gamvros, Partner, Hong Kong Barbara Li, Partner, Beijing Ryan Berger, Partner, Vancouver 13 September 2018
2 Agenda Asia privacy developments HK and China updates Impact of GDPR on client in Asia and the US Takeaway and tips 2
3 Asia privacy developments
4 APAC privacy overview India: Draft Personal Data Protection Bill issued in July Currently provisions spread across the IT Act 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 and the IT (Intermediaries Guidelines) Rules Thailand: Revised draft of the Personal Data Protection Bill approved by Thai Cabinet in 2 May Cybersecurity Bill published for public consultation in March Vietnam: No comprehensive data protection law - provisions spread across Civil Code, the IT Law, the Penal Code, the Telecommunications Law. Cyber Security Law passed in June 2018 and in full effect on 1 January South Korea: Personal Information Protection Act 2011 (amendments came into force Sept 2016) Japan: Act on Protection of Personal Information 2013 (amendments came into force in May 30, 2017) China: No comprehensive data protection law provisions spread across Cybersecurity Law 2016, Personal Information Security Specification 2017 (effective May 1, 2018), Amendment IX to Criminal Law 2015 and related judicial interpretations of the Supreme Court, Amended PRC Consumer Law 2013, NPC Decision on Strengthening the Protection of Network Information Hong Kong: Personal Data (Privacy) Ordinance (under review) Malaysia: Personal Data Protection Act 2013 (Personal Data Protection Standards came into force on December 23, 2015 ) Singapore: Personal Data Protection Act 2012 (came into full force in July 2, 2014). Most of the Cybersecurity Act provisions have come into force as of August Indonesia: Draft Data Protection Bill revised in July Currently provisions spread across Electronic Information and Transaction Law 2008 and Government Regulation on the Implementation of Electronic Systems and Transactions. Taiwan: Personal Data Protection Act 2010 (amendments came into force March 2016) The Philippines: Data Privacy Act 2012 (Implementing Rules and Regulations effective September 9, 2016) Australia: Privacy Act 1988 (amendments in full effect on March 2014). Notifiable Data Breaches scheme effective Feb
5 APAC privacy laws Comprehensive data protection law in force Australia China Hong Kong India Indonesia Japan Malaysia Philippines Singapore South Korea Taiwan Thailand Vietnam Draft law proposed Regulations/ Guidelines 5
6 APAC comparison Australia China Hong Kong India Indonesia Japan Malaysia Philippines Singapore South Korea Taiwan Thailand Vietnam Distinguishes between data collection and data processing Registration/ notification with data authority (certain industries) International data transfer specifically regulated (certain industries) ^ (certain industries) Mandatory breach notification (certain industries) (certain industries) Criminal sanctions Privacy Officer required (certain industries) (certain industries) Exemptions for employee data CBPR participation ^ Provisions enacted but not yet in force Planning to or considering joining 6
7 APAC Mandatory breach notification Hong Kong China Taiwan Singapore Malaysia Australia Japan South Korea Philippines Mandatory Breach Notification Requirement to notify data subjects Requirement to notify authorities Sector-specific rules 7
8 Cybersecurity Tighter regulation Hong Kong SFC and HKMA issued various cybersecurity circular and initiatives in 2016 SFC issued Consultation Paper to reduce hacking risks associated with internet trading in May 2017 and issued new guideline on the same in Oct 2017 Thailand Cyber Security Bill published for consultation in March 2018 China Cybersecurity Law, effective 1 June 2017 Draft regulations/consultations on security requirements and assessments re: cross border transfer and CII etc. Singapore Most of the Cybersecurity Act provisions have come into force as of August 2018 Malaysia Draft Cybersecurity Bill announced in 2017 The Philippines The National Cybersecurity Plan 2022 was unveiled in May 2017 Indonesia Establishment of National Cyber Agency during 2017 Vietnam Cybersecurity Law passed in June 2018 (and will be in full effect on1 January 2019) 8
9 HK and China updates
10 Hong Kong
11 Hong Kong regulatory requirements Data protection Hong Kong regulatory requirements SFC regulations HKMA regulations 11
12 Regulator focus GDPR - Comparative study on GDPR & PDPO - Potential changes to PDPO - Publication to assist local companies to understand GDPR Cross border data transfer - Section 33 of PDPO - PCPD and the Government are working together to understand the business impact of implementing s33 - Consultation with trades and businesses - Studies of other jurisdictions Tracking and monitoring - PCPD recognized the powerful capability of data collection in this big data era - Issued Physical Tracking and Monitoring Through Electronic Devices information leaflet Data breach notification - Increase no. of cybersecurity incidents - 20% surge of data breach notifications - PCPD encourages privacy management programme 12
13 China
14 China cybersecurity law Law making background Part of a series of new regulations and policies for cyberspace sovereignty Three rounds of reading First reading June 2015 Second reading June 2016 Third reading November 2016 Issued on 7 November 2016 Became effective from 1 June 2017 Multiple regulations and guidelines issued already and more to come 14
15 Snapshot of the CSL What is the CSL Cybersecurity and data privacy in China, with potential extra-territorial effect Who will be regulated Network operators - network owners, network administrators and network service providers Who are the regulators CAC, MIIT, Police, industry regulators 15
16 Key legal requirements under the CSL Network Operators Cybersecurity measures taken to protect against cyber crimes Technical support to the authorities for national security and crime investigation Data protection requirements for collection, processing and use of personal data Emergency actions in case of network security incidents 16
17 Enhanced requirements for CII network operators Vague concept and application scope of Critical Information Infrastructure (CII) Data localisation restriction and security assessment for crossborder data transfer Personal data Important data what is this? How to conduct the security assessment? IT products and services provided to CII subject to security certification * other key industries or sectors, which can seriously harm national security or public interest, if destroyed or tampered with or if data is leaked 17
18 Enforcement Enforcers are increasingly active CSL enforcement inspections and campaigns Review privacy policies and penalise non-compliance Data localisation review Use of VPNs 18
19 Implications for international business Wide application and far reaching effect Increased compliance cost and requirements Restriction on cross-border data flow Serious consequences 19
20 What s next Risk analysis and benchmarking Review of data practice and documentation Close watch on regulatory movements Keep close watch on regulatory movements especially new implementing regulations and guidelines Conduct risk analysis for compliance Consider strategy 20
21 APEC Privacy initiatives
22 Asia-Pacific Economic Cooperation A regional economic forum established in member countries Australia Brunei Canada Chile China Hong Kong Indonesia Japan South Korea Malaysia Mexico New Zealand Papua New Guinea Peru The Philippines Russia Singapore Taipei Thailand US Vietnam Operation through committees, sub-committees, expert groups, working groups and task forces Electronic Commerce Steering Group - Data Privacy Subgroup 22
23 APEC Privacy initiatives Privacy initiatives APEC Cross-Border Privacy Enforcement Arrangement APEC Cross Border Privacy Rules (CBPR) system - currently Japan, Singapore, South Korea, Mexico, Canada and the United States Common Referential for the Structure of the EU System of Binding Corporate Rules and APEC CBPR System Privacy Recognition for Processors System Latest developments Singapore joined CBPR on 6 March 2018 Australia announced it will move forward its application to participate in CBPR in November 2017 Philippines and Taiwan have expressed intention to join Japan Personal Information Protection Act Reform (May 2017) - accreditation under APEC s CBPR system is now one of the exceptions to cross border data transfer Japan Institute for Promotion of Digital Economy and Community recently appointed as the Accountability Agent a third party verifier who assess the compliance of companies under the APEC CBPR system (2016) 23
24 Impact of GDPR on clients in Asia and the US
25 GDPR impact on clients in Asia Clients in Asia are analysing their European connections for confirmation as to whether or not they fall within scope of GDPR Remediation projects underway focusing on fair processing notices and data transfer Concern about processor requirements and contracting Clients are requesting assistance to update their Asia template agreements (NDA, MSA, service provider agreements etc.) to ensure compliance with GDPR requirements 25
26 Comparison Asia data protection laws vs Canadian privacy laws vs EU GDPR
27 GDPR impact on Canadian clients Canadian businesses are analysing their European exposure to determine whether or not they fall within scope of GDPR Remediation projects underway focusing on fair processing notices (cookies) and data transfer Concern about processor requirements and contracting Clients are requesting assistance to update their terms of service, privacy policies etc. to ensure compliance with GDPR requirements Data processing agreements are being requested 27
28 Comparing / contrasting Canada and GDPR Yay, Canada! We are adequate Similar individual rights: - Access (portable?) - Correction - Erasure / de-listing Consent and reasonableness requirements Mandatory breach reporting No controller / processor distinction Registration and reporting to DPA Special categories No significant regulatory penalties 28
29 Evolution and best practices More attention being given to vendor / 3 rd party agreements More detailed privacy and security obligations attention to GDPR requirements Risk allocation incl. GDPR fines and penalties Breach reporting processes and requirements Increased public awareness of rights and duties More access requests by consumers and employees Awareness of the strategic value in disputes / pre-litigation More access for individuals through tools providing self-management of information 29
30 Takeaway and tips How to handle projects in Asia and globally given the differences of laws worldwide?
31
32 Disclaimer Norton Rose Fulbright US LLP, Norton Rose Fulbright LLP, Norton Rose Fulbright Australia, Norton Rose Fulbright Canada LLP and Norton Rose Fulbright South Africa Inc are separate legal entities and all of them are members of Norton Rose Fulbright Verein, a Swiss verein. Norton Rose Fulbright Verein helps coordinate the activities of the members but does not itself provide legal services to clients. References to Norton Rose Fulbright, the law firm and legal practice are to one or more of the Norton Rose Fulbright members or to one of their respective affiliates (together Norton Rose Fulbright entity/entities ). No individual who is a member, partner, shareholder, director, employee or consultant of, in or to any Norton Rose Fulbright entity (whether or not such individual is described as a partner ) accepts or assumes responsibility, or has any liability, to any person in respect of this communication. Any reference to a partner or director is to a member, employee or consultant with equivalent standing and qualifications of the relevant Norton Rose Fulbright entity. The purpose of this communication is to provide general information of a legal nature. It does not contain a full analysis of the law nor does it constitute an opinion of any Norton Rose Fulbright entity on the points of law discussed. You must take specific legal advice on any particular matter which concerns you. If you require any advice or further information, please speak to your usual contact at Norton Rose Fulbright. 32
2014 Luxury & Fashion Industry Conference for Multinationals
2014 Luxury & Fashion Industry Conference for Multinationals Privacy, Data Protection, and the Impact of Social Media and Online Behavioral Advertising on the Industry Anna Gamvros, Hong Kong Francesca
More informationDevelopments in Global Data Protection & Transfer: How They Impact Third-Party Contracts
Developments in Global Data Protection & Transfer: How They Impact Third-Party Contracts Rebecca Eisner Partner +1 312 701 8577 reisner@mayerbrown.com Mark Prinsley Partner +44 20 3130 3900] mprinsley@mayerbrown.com
More informationDeveloping and Implementing Data Protection Law: Malaysia and Beyond
Developing and Implementing Data Protection Law: Malaysia and Beyond Professor Abu Bakar Munir Faculty of Law, University of Malaya Malaysia K&K Advocates - Expert Panel Discussion on Data Protection Jakarta,
More informationSafeguards on Personal Data Privacy.
Safeguards on Personal Data Privacy. Peter Koo Partner, Enterprise Risk Services Deloitte Touche Tohmatsu Maverick Tam Associate Director, Enterprise Risk Services Deloitte Touche Tohmatsu Deloitte ERS
More informationPRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology
PRC Cyber Security Law --- How does it affect a UK business? Xun Yang Of Counsel, Commercial IP and Technology 24 October 2017 Content Overview of Cyber Security Law Observations on Implementation of Cyber
More informationForum. Ningbo, China 25 February
2014/SOM1/SCE-COW/014 Agenda Item: 4 Telecommunications and Inform ation Working Group Strategic Plan Purpose: Consideration Submitted by: TEL Chair Forum Doc. No.: 2013/SOM3/SCE/017 SOM Steering Committee
More informationThe APEC Model. Global Partnership through Regional Initiatives
The APEC Model Global Partnership through Regional Initiatives Tony Beard Office of Transport Security (OTS), Department of Transport and Regional Services (DOTARS), Australia Office of Transport Security
More informationChina s New Cybersecurity Law: Data Protection, Data Transfer and Breach Investigations in the World s Second Largest Economy
China s New Cybersecurity Law: Data Protection, Data Transfer and Breach Investigations in the World s Second Largest Economy IPSF 2018 February 26, 2018 1 1 AGENDA China's Cybersecurity Law Enforcement
More informationA Modern European Data Protection Framework
A Modern European Data Protection Framework India, March 2018 Ralf Sauer European Commission, DG Justice Outline 1) 1. The new EU data protection framework 2) 2. The transition period 3) 3. GDPR: trust,
More informationData and Cyber Crisis how to manage a crisis and reduce loss. Melissa Russell Special Counsel February 2016
Data and Cyber Crisis how to manage a crisis and reduce loss Melissa Russell Special Counsel February 2016 Introduction cyber risks Most commonly reported types of economic crime from PwC The causes and
More information20/09/2013. Global Privacy and Data Protection: Practical Risk Assessment and Governance. Topics
Global Privacy and Data Protection: Practical Risk Assessment and Governance 9 October 2013 Robert Bond, BA, CCEP, HonMIEx Head of Data Protection and Info Security, Speechly Bircham Marti Arvin, CHC-F,
More informationKISH REMARKS APEC CBPR NOV 1 CYBER CONFERENCE KEIO Page 1 of 5 Revised 11/10/2016
Page 1 of 5 INTRODUCTION Jim, thank you for the kind introduction. It is an honor to join the panel. Congratulations to Dr. Murai and Dr. Tezuka for the success of the Keio Cybersecurity Center. Congratulations
More informationDo you handle EU residents personal data? The GDPR update is coming May 25, Are you ready?
European Union (EU) General Data Protection Regulation (GDPR) Do you handle EU residents personal data? The GDPR update is coming May 25, 2018. Are you ready? What do you need to do? Governance and Accountability
More informationCyber Security Law --- Are you ready?
Cyber Security Law --- Are you ready? Xun Yang Of Counsel, Commercial IP and Technology 9 May 2017 1 / B_LIVE_APAC1:2207856v1 Content Overview of Cyber Security Law Legislative Development Key Issues in
More informationLaw & Policy Meets Data in the Cloud: Data Sovereignty Across Asia. Bernie Trudel Chairman, Asia Cloud Computing Association
Law & Policy Meets Data in the Cloud: Data Sovereignty Across Asia Bernie Trudel Chairman, Asia Cloud Computing Association 1 Data, Regulation, Jurisdiction and Cloud: A New Geography Lesson Cloud Data
More informationReport on Survey on the Participation of Business in Related National Committees Corresponding to International TCs & SCs
2008/SOM3/CTI/SCSC/007 Agenda Item: 4(9) Report on Survey on the Participation of Business in Related National Committees Corresponding to International TCs & SCs Purpose: Discussion Submitted by: Japan
More informationDeveloping Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite?
Developing Issues in Breach Notification and Privacy Regulations: Risk Managers Are you having the right conversation with the C Suite? Minnesota RIMS 39 th Annual Seminar Risk 2011-2012: Can You Hack
More informationManuel E. Maisog Partner
Biographies Manuel E. Maisog Partner bmaisog@hunton.com Beijing +86 10 5863 7507 direct Languages: English, Mandarin Chinese SERVICES Industries Energy Financial Services Retail and Consumer Products Practices
More informationEU data security and privacy trends
EU data security and privacy trends Top issues for HR and global mobility 26 29 October 2014 Disclaimer EY refers to the global organization, and may refer to one or more, of the member firms of Ernst
More informationGeneral Data Protection Regulation April 3, Sarah Ackerman, Managing Director Ross Patz, Consultant
General Data Protection Regulation April 3, 2018 Sarah Ackerman, Managing Director Ross Patz, Consultant Introductions Sarah Ackerman, CISSP, CISA Managing Director, Cincinnati Responsible for overall
More informationGDPR: A QUICK OVERVIEW
GDPR: A QUICK OVERVIEW 2018 Get ready now. 29 June 2017 Presenters Charles Barley Director, Risk Advisory Services Charles Barley, Jr. is responsible for the delivery of governance, risk and compliance
More informationDATA PROTECTION LAWS OF THE WORLD. Bahrain
DATA PROTECTION LAWS OF THE WORLD Bahrain Downloaded: 7 April 2018 BAHRAIN Last modified 25 January 2017 LAW There is currently no standalone data protection law in Bahrain. A draft is being reviewed before
More informationA comprehensive approach on personal data protection in the European Union
A comprehensive approach on personal data protection in the Justice Date 1 Main legal instruments on EU level Data Protection Directive 95/46/EC Directive 2002/58/EC on privacy and electronic communications
More informationContributed by Djingov, Gouginski, Kyutchukov & Velichkov
Contributed by Djingov, Gouginski, Kyutchukov & Velichkov General I Data Protection Laws National Legislation General data protection laws The Personal Data Protection Act implemented the Data Protection
More informationHow Cybersecurity Initiatives May Impact Operators. Ross A. Buntrock, Partner
How Cybersecurity Initiatives May Impact Operators Ross A. Buntrock, Partner ross.buntrock@agg.com 202.669.0495 Agenda Rise in Data Breaches Effects of Increase in Cybersecurity Threats Cybersecurity Framework
More informationPlan a Pragmatic Approach to the new EU Data Privacy Regulation
AmChamDenmark event: EU Compliant & Cyber Resistant Plan a Pragmatic Approach to the new EU Data Privacy Regulation Janus Friis Bindslev, Partner Cyber Risk Services, Deloitte 4 February 2016 Agenda General
More informationUpcoming PIPEDA Changes What is changing and what to do about it
Upcoming PIPEDA Changes What is changing and what to do about it Danny Pehar Global Television Cyber Security Expert 02 Danny Pehar Put Text Here This slide is 100% editable. Adapt it to your needs and
More informationChanging times in Swiss Data Privacy: new opportunities? Microsoft Security Day 27 April 2017 Clara-Ann Gordon
Changing times in Swiss Data Privacy: new opportunities? Clara-Ann Gordon Which countries have Data Protection Laws? Source: https://www.taylorwessing.com/globaldatahub/risk_map.html Page 2 Different Data
More informationThe GDPR Are you ready?
The GDPR Are you ready? kpmg.ie The GDPR - Overview The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) will come into force from 25th May 2018, replacing the existing data protection
More informationITU Survey on Anti-Spam Legislation Worldwide
ITU Survey on Anti-Spam Legislation Worldwide Cristina Bueti Strategy and Policy Unit International Telecommunication Union WSIS Thematic Meeting on Cybersecurity 28 June 1 July 2005 world summit on the
More informationRobert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe
Respecting Privacy, Securing Data and Enabling Trust a view from Europe Robert Bond, Partner & Notary Public Robert Bond Robert Bond has nearly 40 years' experience in advising national and international
More informationITU-ACMA Asia Pacific Regulators Roundtable July 2014
ITU-ACMA Asia Pacific Regulators Roundtable 2014 21-22 July 2014 Session 2: Evolution of the Regulator Addressing International Concerns Content Page Cyber Security Cross-border Data Flow Interoperability
More informationThe Role of SANAS in Support of South African Regulatory Objectives. Mr. Mpho Phaloane South African National Accreditation System
The Role of SANAS in Support of South African Regulatory Objectives Mr. Mpho Phaloane South African National Accreditation System Outline of Presentation INTRODUCTION STATUS OF SANAS TECHNICAL INFRASTRUCTURE
More informationEU General Data Protection Regulation (GDPR) Achieving compliance
EU General Data Protection Regulation (GDPR) Achieving compliance GDPR enhancing data protection and privacy The new EU General Data Protection Regulation (GDPR) will apply across all EU member states,
More informationCyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology
Cyber Security Law --- How does it affect the business operations in China? Xun Yang Of Counsel, Commercial IP and Technology 8 December 2016 The Matrix (1999) 1 / L_LIVE_APAC1:5433168v1 World Internet
More informationแนวทางการพ ฒนา Information Security Professional ในประเทศไทย
แนวทางการพ ฒนา Information Security Professional ในประเทศไทย โดย Thailand Information Security Association (TISA) Agenda 1) Global Information Security Professional Situation 2) Current Thailand Information
More informationENFORCEMENT POWERS. The EU Perspective. Olivier Proust. Associate Hunton & Williams LLP
ENFORCEMENT POWERS The EU Perspective Olivier Proust Associate Hunton & Williams LLP What is enforcement within the EU? Broad sense: Any action leading to better compliance Awareness raising activities
More informationCOMPLAINT STATISTICS. Complaint Numbers. CBPR-Related Complaints for period 12/01/15-2/28/17: 55
Complaint Numbers COMPLAINT STATISTICS CBPR-Related Complaints for period 12/01/15-2/28/17: 55 Note: For purposes of this report, "complaint" refers to a complaint filed with TRUSTe via TRUSTe's Feedback
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationLiechtenstein. General I Data Protection Laws. Contributed by Wanger Advokaturbüro. National Legislation. National Regulatory Authority.
Contributed by Wanger Advokaturbüro General I Data Protection Laws National Legislation General data protection laws The Data Protection Act (the DPA ) dated 14 March 2002 and the relevant Ordinance on
More informationEU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationSCCE ECEI 2014 EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS. Monica Salgado JANINE REGAN CIPP/E
EU DATA PRIVACY COMPLIANCE FOR US DRIVEN PROJECTS 18 May 2014 Monica Salgado Portuguese Laywer (Advogada) / Registered European Lawyer Janine Regan Solicitor Monica Salgado Monica is a Portuguese qualified
More informationA Guide For Conformity Assessment Bodies to the APEC TEL Mutual Recognition Arrangement. APEC Telecommunications and Information Working Group
A Guide For Conformity Assessment Bodies to the APEC TEL Mutual Recognition Arrangement APEC Telecommunications and Information Working Group A Guide for Conformity Assessment Bodies to the APEC Telecommunications
More informationNIST Designation of CABs: Upcoming Changes for the US and EU Review for Japan
NIST Designation of CABs: Upcoming Changes for the US and EU Review for Japan Japan MRA Workshop March 2, 2016 Presented by Ramona Saar Program Manager, NIST Version updated 2/26/2016 Topics Introduction:
More informationDATA PRIVACY & PROTECTION POLICY POLICY INFORMATION WE COLLECT AND RECEIVE. Quality Management System
DATA PRIVACY & PROTECTION POLICY POLICY This Data Privacy & Protection Policy applies to ELMO Software Limited s Cloud HR & Payroll applications and platform (collectively, the Services ), elmosoftware.com.au
More informationInternational Legal Regulation of Cybersecurity U.S.-German Standards Panel 2018
International Legal Regulation of Cybersecurity U.S.-German Standards Panel 2018 Dr. Dennis-Kenji Kipker University of Bremen Washington DC, 10.04.2018 Gefördert vom FKZ: 16KIS0213 bis 16KIS0216 Slide
More informationData Leak Protection legal framework and managing the challenges of a security breach
Data Leak Protection legal framework and managing the challenges of a security breach ACC Europe's Annual Conference 2009 June 7-9, 2009 Geneva Alexander Duisberg Partner, Bird & Bird LLP About Bird &
More informationGDPR is coming in less than 2 months Are you ready?
GDPR is coming in less than 2 months Are you ready? Charles-Albert Helleputte Partner, Brussels +32 2 551 5982 chelleputte@mayerbrown.com 30 March 2018 2 GDPR is everywhere... You were invited by UNICEO
More informationCompilation of Good Practices on Enhancing Resilience of GVCs to Natural Disasters
2016/SOM3/EPWG/011 Agenda Item: 10.2 Compilation of Good Practices on Enhancing Resilience of GVCs to Natural Disasters Purpose: Information Submitted by: Japan Forum Doc. No.: 2016/SOM2/025anx16 10 th
More informationTHE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES. Forum financier du Brabant wallon
THE NEW GENERAL DATA PROTECTION REGULATION IMPLICATIONS FOR ENTERPRISES Forum financier du Brabant wallon 14.12.2017 Data Protection should be part of every company s or organisation s DNA Do you process
More informationAIRMIC ENTERPRISE RISK MANAGEMENT FORUM
AIRMIC ENTERPRISE RISK MANAGEMENT FORUM Date 10 November 2016 Name Nick Gibbons Position, PARTNER BLM T: 0207 457 3567 E: Nick.Gibbons@blmlaw.com SUMMARY Cyber crime is now a daily reality Every business
More informationipac Initiative Web Platform Between IP Academies for Sharing Information February 3, 2011 International Affairs Division Japan Patent Office
ipac Initiative Web Platform Between IP Academies for Sharing Information February 3, 2011 International Affairs Division Japan Patent Office 1 Introduction Asia-Pacific Economic Cooperation Framework
More informationChina and International Governance of Cybercrime
China and International Governance of Cybercrime Prof. Dr. Shenkuo WU Law Professor of CCLS, Beijing Normal University Head of Research Centre of Internet Society of China Consultant of Supreme Court of
More informationBHBIA New Data Protection Rules. Pharma Company Perspective. Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD
BHBIA New Data Protection Rules Pharma Company Perspective Guy Murray Director, Market Research & Analytics, GC&BI MR Operations and Compliance, MSD Pharma Company Perspective Data Controllers Responsibilities
More informationEU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know
EU Data Protection Triple Threat for May of 2018 What Inside Counsel Needs to Know The General Data Protection Regulation (GDPR) The eprivacy Regulation (epr) The Network and Information Security Directive
More informationINDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018
INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF 28 th November 2018 AGENDA 1. State of Cybersecurity Globally 2. State of Cybersecurity in South Africa 2.1
More informationRegulating Cyber: the UK s plans for the NIS Directive
Regulating Cyber: the UK s plans for the NIS Directive September 2017 If you are a digital service provider or operate an essential service then new security and breach notification obligations may soon
More informationPrivacy Law Doing Business In Canada
Privacy Law Doing Business In Canada Does Canada Have Privacy Legislation? Federal Legislation Canada has a comprehensive legal framework that governs the collection, retention, use and disclosure of the
More informationWorkday s Robust Privacy Program
Workday s Robust Privacy Program Workday s Robust Privacy Program Introduction Workday is a leading provider of enterprise cloud applications for human resources and finance. Founded in 2005 by Dave Duffield
More informationMutual Recognition Agreement/Arrangement: General Introduction, Framework and Benefits
Workshop for Caribbean countries to promote the development and implementation of Conformity Assessment programmes St. Augustine (Trinidad and Tobago) 2-4 December 2014 Mutual Recognition Agreement/Arrangement:
More informationHow icims Supports. Your Readiness for the European Union General Data Protection Regulation
How icims Supports Your Readiness for the European Union General Data Protection Regulation The GDPR is the EU s next generation of data protection law. Aiming to strengthen the security and protection
More informationChina s New Cybersecurity Law
China s New Cybersecurity Law March 7, 2017 Presented by: Manuel E. Maisog Hunton & Williams LLP Beijing, China bmaisog@hunton.com Hunton & Williams Global Privacy & Cybersecurity Team Known globally for
More informationTHE MADRID PROTOCOL. A single trademark registration supports regional economic integration. A Case Study
THE MADRID PROTOCOL A single trademark registration supports regional economic integration A Case Study The Madrid Protocol: Protecting brands globally The Madrid System for the International Registration
More informationCountering Spam. ITU-T Study Group 17 Geneva, Switzerland 11 October 2005
Countering Spam ITU-T Study Group 17 Geneva, Switzerland 11 October 2005 Cristina Bueti Strategy and Policy Unit International Telecommunication Union world summit on the information society 1 What is
More informationPROJECT BACKGROUND AND RATIONALE
PROJECT BACKGROUND AND RATIONALE The political agreement on the EU General Data Protection Regulation (GDPR) has been reached and the new Regulation will be on the books by the end of the first quarter
More informationHOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA
HOT TOPICS IN DATA PRIVACY REGULATION IN RUSSIA Ksenia Andreeva Anastasia Dergacheva Vasilisa Strizh November 27, 2018 2018 Morgan, Lewis & Bockius 2017 Morgan, Lewis & Bockius Contents News from the Russian
More informationPromoting Global Cybersecurity
Promoting Global Cybersecurity Presented to ITU-T Study Group 17 Geneva, Switzerland 6 October 2005 Robert Shaw ITU Internet Strategy and Policy Advisor ITU Strategy and Policy Unit 1 Agenda Critical Infrastructures
More informationPAA PKI Mutual Recognition Framework. Copyright PAA, All Rights Reserved 1
PAA PKI Mutual Recognition Framework Copyright PAA, 2009. All Rights Reserved 1 Agenda Overview of the Framework Components of the Framework How It Works Other Considerations Questions and Answers Copyright
More informationIntroduction of APCERT APCERT
Introduction of Yurie Ito, JPCERT/CC (On behalf of the Secretariat) (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security Incident Response Teams). The
More informationData Breach Notification: what EU law means for your information security strategy
Data Breach Notification: what EU law means for your information security strategy Olivier Proust December 8, 2011 Hunton & Williams LLP Key points 1. Introduction 2. Overview of data breach requirements
More informationAccelerate GDPR compliance with the Microsoft Cloud
Regional Forum on Cybersecurity in the Era of Emerging Technologies & the Second Meeting of the Successful Administrative Practices -2017 Cairo, Egypt 28-29 November 2017 Accelerate GDPR compliance with
More informationMutual Recognition Agreement/Arrangement: General Introduction, Framework and Benefits
Conformity and Interoperability Training for SADC Region on Type Approval testing for Mobile Terminals, Homologation Procedures and Market Surveillance Mutual Recognition Agreement/Arrangement: General
More informationSymposium on Trustmark Guidelines in CBPR System
2011/SOM3/ECSG/005 Agenda Item: VII2a Symposium on Trustmark Guidelines in CBPR System Purpose: Consideration Submitted by: Viet Nam 24 th Electronic Commerce Steering Group Meeting San Francisco, United
More informationIntroduction of APCERT
Introduction of APCERT Yurie Ito, JPCERT/CC (On behalf of the APCERT Secretariat) APCERT APCERT (Asia Pacific Computer Emergency Response Team) is a coalition of the forum of CSIRTs (Computer Security
More informationTrough a cyber security lens
Trough a cyber security lens 2015 Global Audit Survey kpmg.ch/cyber What the 2015 survey tells us Short of a crisis, the issues on the audit committee s radar don t change dramatically from year to year
More informationCOMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September Table of Contents. 1. Scope, Purpose and Application to Employees 2
COMPUTAMATRIX LIMITED T/A MATRICA Data Protection Policy September 2018 Table of Contents 1. Scope, Purpose and Application to Employees 2 2. Reference Documents 2 3. Definitions 3 4. Data Protection Principles
More informationThe United Nations Convention On the Use of Electronic Communication in International Contracts, 2005 and Electronic Transactions Law in Thailand
Establishing an Enabling Cross-Border Legal Environment for Regional Connectivity : The United Nations Convention On the Use of Electronic Communication in International Contracts, 2005 and Electronic
More informationU.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan
U.S. Japan Internet Economy Industry Forum Joint Statement 2013 October 2013 Keidanren The American Chamber of Commerce in Japan In June 2013, the Abe Administration with the support of industry leaders
More informationPartner Guidelines to sign Agreement. May, 2017
Partner Guidelines to sign Agreement May, 2017 Europe, Middle East and Africa Americas Asia Pacific United Kingdom Germany Other countries Canada United States Peru Chile Brazil Other countries Taiwan
More informationHong Kong s Personal Data (Privacy) Ordinance
Asia Privacy Bridge Forum 11 May 2016 Hong Kong s Personal Data (Privacy) Ordinance Fanny Wong Deputy Privacy Commissioner for Personal Data Hong Kong, China The Personal Data Landscape in Asia 2011 2003
More information2017/SOM3/DIA/007 Digital Trade Building Blocks
2017/SOM3/DIA/007 Digital Trade Building Blocks Submitted by: Information Technology Industry Council Dialogue on Regional Trade Agreements and Free Trade Agreements Ho Chi Minh City, Viet Nam 27 August
More informationNYDFS Cybersecurity Regulations: What do they mean? What is their impact?
June 13, 2017 NYDFS Cybersecurity Regulations: What do they mean? What is their impact? Gus Coldebella Principal, Boston Caroline Simons Principal, Boston Agenda 1) Overview of the new regulations 2) Assessing
More informationG8 Lyon-Roma Group High Tech Crime Subgroup
G8 Lyon-Roma Group High Tech Crime Subgroup In October 2009, a series of recommendations for amendments to ICANN s Registrar Accreditation Agreement (RAA) was proposed to ICANN by law enforcement agencies
More informationETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)
ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive) July 2013 Executive Summary ETNO supports the European Commission s global approach to cyber-security
More informationData Protection Policy
Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act (DPA) 2018 [UK] For information on this Policy or to request Subject Access please
More informationSecurity of Critical Information Infrastructure: Legal Issues
Security of Critical Information Infrastructure: Legal Issues Edward Bekeschenko, Partner INFOC Committee Meeting 26 May 2017 Agenda 1 Trends in Russia 3 2 International Practices 8 1 Trends in Russia
More informationMYTH vs. REALITY The Revised Cybersecurity Act of 2012, S. 3414
MYTH vs. REALITY The Revised Cybersecurity Act of 2012, S. 3414 The Cybersecurity Act of 2012, S. 3414, has not been the subject of a legislative hearing and has skipped regular order. HSGAC has not marked
More informationCanada s Anti-Spam Law ( CASL ): It s the Law on July 1, 2014 questions for directors to ask
Canada s Anti-Spam Law ( CASL ): It s the Law on July 1, 2014 questions for directors to ask Author: Jennifer Babe, LL.M, ICD.D Why Should I Read This Alert? a) despite its name, this Act covers much more
More informationCybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce 5-8 September 2017 Yogyakarta, Indonesia Sameer Sharma Senior Advisor ITU Digital Infrastructure for Connectivity SDGs Evolution
More informationGDPR - Are you ready?
GDPR - Are you ready? Anne-Marie Bohan and Michael Finn 24 March 2018 Matheson Ranked Ireland s Most Innovative Law Firm Financial Times 2017 International Firm in the Americas International Tax Review
More informationCyber Crime Prosecution & Defence
Cyber Crime Prosecution & Defence www.asianlaws.org DID YOU KNOW? 5,035 cyber crime FIRs were registered in Bengaluru in 2018. Mumbai saw almost 3,000 cyber crime FIRs. Almost 16,000 Indian websites were
More informationUSER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.
These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. I. OBJECTIVE ebay s goal is to apply uniform, adequate and global data protection
More informationConsultation Workshop Twinning Partnership on Environmental Impact Assessment (EIA)
Consultation Workshop Twinning Partnership on Environmental Impact Assessment (EIA) between Sri Lanka and Japan Overview of twinning partnership and objectives & expected outputs of the Workshop AECEN
More informationITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability. Session 2: Conformity Assessment Principles
ITU Asia-Pacific Centres of Excellence Training on Conformity and Interoperability Session 2: Conformity Assessment Principles 12-16 October 2015 Beijing, China Keith Mainwaring ITU Expert Agenda 1. Context
More informationFIRE REDUCTION STRATEGY. Fire & Emergency Services Authority GOVERNMENT OF SAMOA April 2017
FIRE REDUCTION STRATEGY Fire & Emergency Services Authority GOVERNMENT OF SAMOA April 2017 FIRE REDUCTION STRATEGY Fire & Emergency Services Authority GOVERNMENT OF SAMOA April 2017 2 1. Introduction The
More informationLaws and Regulations & Data Governance
Executive Development Course: Digital Government for Transformation Towards Sustainable and Resilient Societies the Singapore Experience Laws and Regulations & Data Governance 2-6 April 2018 UNDP Global
More informationFive Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification
July 2016 Follow @Paul_Hastings Five Ways that Privacy Shield is Different from Safe Harbor and Five Simple Steps Companies Can Take to Prepare for Certification By Paul Hastings Global Privacy and Cybersecurity
More informationUL and Business Continuity
UL and Business Continuity David Stowe, CBCP Business Continuity Manager APEC EPWG Workshop: Private Sector Emergency Preparedness Hotel Monterey Sendai 3 rd August 2011 2011 Underwriters Laboratories
More informationThe GDPR and NIS Directive: Risk-based security measures and incident notification requirements
The GDPR and NIS Directive: Risk-based security measures and incident notification requirements Adrian Ross LLB (Hons), MBA GRC Consultant IT Governance Ltd 4 May 2017 Introduction Adrian Ross GRC consultant
More informationMONITORING INTERNET ACCESS (As of August 20, 2002)
MONITORING INTERNET ACCESS (As of August 20, ) APEC GOALS: To triple access between 2000 and 2005 To ensure all groups within an economy have access to the by 2010 Economy 1999+ World 304.46 * Access in
More information