After soliciting public comments since last November, the Chinese Ministry of Public Security (MPS) published the finalized Guideline for Internet Personal Information Security Protection (Guideline) on April 10, 2019. The Guideline applies to Personal Information Holders, defined as entities or individuals that “control and process personal information” through their provision of services using the Internet,

Check out this month’s edition of The Privacy Advisor, a publication of the International Association of Privacy Professionals (IAPP), for Divonne Smoyer and Kimberly Chow’s Q&A with North Carolina Attorney General (AG) Josh Stein. Throughout his tenure as AG, Stein has shown a clear commitment to data privacy and security through his advocacy for strong

Latest plans announced by the UK’s Health and Social Care Information Centre (HSCIC) have resulted in a flurry of media controversy condemning NHS England (NHS) for advocating the sale of patient data to third parties for profitable gain.

HSCIC, together with the NHS, has pioneered a new scheme, known as the ‘care.data’. From March 2014,

On November 15, 2013, the Supreme Court held Alberta’s Personal Information Protection Act (“PIPA”) to be unconstitutional, holding that an individual’s right to freedom of expression in the labor strike context outweighs the individual’s right to control his or her information in public. The ruling is suspended for 12 months to give Alberta’s legislature time

This post was written by Cynthia O’Donoghue.

Costa Rica’s 2011 data protection law came into force March 5, 2013, and Peru’s laws took effect April 22, 30 days after it published regulations. While this imposes new obligations on businesses operating or looking to do business in these countries, as with other data protection laws

This post was written by Cynthia O’Donoghue.

The date of the first binding vote by the Civil Liberties, Justice and Home Affairs Committee (LIBE) on the proposed General Data Protection Regulation (Regulation), which was initially planned for April-May 2013, has been postponed a second time. During the meeting on May 6, LIBE decided

Today, the Federal Trade Commission released detailed guidance on privacy in the mobile environment – at the same time it announced its largest-ever settlement with an app developer for alleged privacy violations. Combined with aggressive action on mobile privacy issues by the California attorney general’s office, Mobile Privacy Disclosures provides every company associated with

This post was also written by Amy S. Mushahwar.

This morning the FTC released a supplemental notice of proposed rulemaking on the Children’s Online Privacy Protection Act (COPPA) Rule. This is not a final rule. The notice suggests further modifications to proposed definitions released in the September 2011 Notice of Proposed Rulemaking on the

This post was written by Cynthia O’Donoghue.

In the Article 29 Working Party’s Opinion on the new EU data protection reforms, the Working Party has carefully studied both the Regulation and the Directive, and has given its first general reaction. The Working Party welcomed the provisions intended to clarify and strengthen the rights of

In the midst of discussions on Google’s revised privacy policy and its compliance with EU legislation, Spain’s highest court, the Audiencia Nacional de España, has referred a case up to the European Court of Justice (ECJ) to decide on whether Spanish citizens can lawfully demand that Google delete information about them from its search engine,