UK: Data (Use and Access) Bill passes through Parliament | Privacy Matters
On 11 June 2025, the UK's Data (Use and Access) Act 2025 ("DUA Act") was passed and received Royal Assent on 19th June 2025. The government first| Privacy Matters
On 11 June 2025, the UK's Data (Use and Access) Act 2025 ("DUA Act") was passed and received Royal Assent on 19th June 2025. The government first| Privacy Matters
Australian Clinical Labs (ACL) has been ordered to pay AUD5.8 million for breach of the Privacy Act 1988 (Cth) (Privacy Act) following a 2022 cyber incident which impacted the personal information of over 223,000 individuals. This is the first ever civil penalty proceeding under the Privacy Act. ACL was held to have breached three separate... Continue Reading| Privacy Matters
Visible cyber fallout is everywhere. Impact to business operations (and therefore revenue) including halted production lines, emptied supermarket shelves, online payment unavailability, and patient backlogs have all brought cyber into the media and the boardroom at an alarming rate in the last year. Last week, the NCSC’s Annual Review 2025[1] showed impact climbing fast and... Continue Reading| Privacy Matters
Summary The Upper Tribunal (UT) has handed down its judgment in the UK Information Commissioner’s (Information Commissioner) appeal against the First-tier Tribunal (FTT) decision on Clearview AI Inc (Clearview). The UT upheld three of the Commissioner’s four grounds of appeal, concluding that: Background Clearview collected images of people’s faces and associated data from publicly available... Continue Reading| Privacy Matters
Three years after its investigation commenced, the Office of the Australian Information Commissioner (OAIC) has found that retail giant Kmart Australia Limited (Kmart) breached the Privacy Act 1988 (Cth) (Privacy Act) through its use of facial recognition technology (FRT) in 28 retail stores between June 2020 and July 2022. This determination marks the OAIC’s second... Continue Reading| Privacy Matters
The Cyberspace Administration of China (“CAC“) has recently published the Administrative Measures for Network Security Incident Reporting (“Measures“), which provide further guidance on when and how to report network security incidents under existing laws such as the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law. The Measures will take effective on... Continue Reading| Privacy Matters
What is data scraping? Data scraping is an automated process through which computer programs extract vast amounts of data from the internet at a faster rate than manual data collection methods. Some businesses scrape data for internal purposes, such as generating leads, or to create products and services available for public use, such as price... Continue Reading| Privacy Matters
The EU General Court has dismissed a French MEP’s challenge to the EU-U.S. Data Privacy Framework (“DPF”) for the transfer of personal data between the European Union (“EU”) and the United States (“U.S”). While the decision is welcome news to organisations relying on the DPF for transfers underpinning their business operations, the debate is far... Continue Reading| Privacy Matters
Since the full enforcement of Thailand’s Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) in June 2022, the Personal Data Protection Committee (“PDPC”) has moved decisively from awareness-building to active enforcement. The transition emerged in 2024 when a leading e-commerce company was fined THB 7 million for breaching the law. In 2025, enforcement has intensified,... Continue Reading| Privacy Matters
In its judgment of May 13, 2025 (case number VI ZR 186/22), the German Federal Court of Justice (Bundesgerichtshof – “BGH”) continued its case law on the compensability of non-material damages under Article 82 GDPR, in particular with regard to whether the mere loss of control over personal data was sufficient for a claim for damages.... Continue Reading| Privacy Matters
In response to the UK's new Data (Use and Access) Act 2025 (DUA Act) coming into force, the UK Information Commissioner (ICO) has launched two public| Privacy Matters
Your guide to data privacy trends & legal insights. Stay compliant & protected in today's digital world. Expert analysis & updates.| Privacy Matters
CFPB finalized the "Open Banking Rule" granting customers greater control over their personal financial data| Privacy Matters
