Policymakers have had harmonisation on their minds for the past few years, hoping to get data flowing: the GDPR was intended to bring EU member states’ data privacy legislation closer together, and has inspired lawmakers across the world to follow Europe’s lead. Meanwhile, the bloc continues to pursue new regulations that break down intra-European non-personal data localisation measures.
The picture isn’t entirely rosy. This issue of GDR looks at complications in two countries with very different approaches: Brazil, where observers worry that a much-hyped new omnibus law modelled on the GDPR could create even more hassle in a country with notoriously complex enforcement; and China, where the country has imposed a raft of cybersecurity and localisation requirements that have left lawyers and data holders scratching their heads. The EU may be leading the way on data privacy, but life hasn’t become easier for data-rich businesses just yet.
This issue of GDR also features analysis of the rapidly expanding internet of things industry, as well as the complex Brazilian data privacy enforcement regime. We also publish interviews with senior enforcers in Hong Kong and Ireland, and for the first time showcase the data lawyers you need to know in Brazil and Singapore. Last but certainly not least, Debevoise & Plimpton lawyers scrutinise the UK’s new privacy enforcement regime.
The IOT presents fresh challenges for lawyers and regulators alike.
Hong Kong's data ethics report, enforcement priorities, and international transfers.
As fines grab the headlines, Debevoise & Plimpton London partners Karolos Seeger and Jane Shvets and associate Robert Maddox analyse the UK data protection watchdog’s new investigative powers.