Tech, Data, Telecoms & Media updates

Austria

Contributed by Schoenherr
Influencer marketing – Advertising Council adopts specific rules
  • Austria
  • 15 March 2019

'Influencer marketing' means taking advantage of bloggers and other persons who have their own social media channels to promote goods and services. While the concept of transmitting arguably hidden advertising is problematic, there are many variations of this and the lines between hidden advertising and personal opinion are often blurred. As such, the Advertising Council recently issued guidelines for dealing with influencer marketing as a specific means of marketing communication.

GDPR implementing legislation in Austria
  • Austria
  • 07 December 2018

The EU General Data Protection Regulation (GDPR) has created a new understanding and awareness of data protection. Despite being a directly applicable legal act, the GDPR has created significant work for the Austrian federal legislature, which has chosen to impose it by implementing the narrow but general Data Protection Act and introducing amendments to ordinary legal acts individually. However, these amendments are essentially limited to wording adjustments and restrictions on data subjects' rights.

DPA's strict view on retention periods
  • Austria
  • 25 September 2018

The Austrian Data Protection Authority (DPA) recently published its first decision on retention periods following the enactment of the General Data Protection Regulation. The decision is final. The DPA had to decide how long a telecoms service provider must retain so-called 'master data' – that is, data required for the controller's legal relationship with the users of its services.

Privacy-related representations in M&A agreements
  • Austria
  • 15 May 2018

Companies regularly store information about their customers, clients, employees, investors, partners and vendors. Privacy and data security are therefore important aspects of most M&A transactions. Although the risk of non-compliance with privacy laws may result in severe negative consequences, many M&A agreements still lack adequate privacy-related representations and warranties.

Proposals to alter national Data Protection Act
  • Austria
  • 24 April 2018

Members of Parliament recently filed an application to amend the Data Protection Act 2018 in order to clarify certain aspects which have led to confusion over the past couple of months. In addition to several provisions relating to competence, the proposed act, among other things, contains a rephrased version of the fundamental right to data protection, introduces the mandatory appointment of data protection officers and suggests enabling the matching of images with explicit consent.


Bermuda

PIPA and GDPR: new regulations protecting personal information
Carey Olsen Bermuda
  • Bermuda
  • 03 July 2018

The Personal Information Protection Act (PIPA) was introduced to regulate and protect the use of personal information and embodies eight core privacy principles which are internationally recognised and accepted. As with the PIPA, the General Data Protection Regulation (GDPR) was enacted to govern the use of personal information and data. Bermuda companies should seek legal advice to determine whether the GDPR applies to their operations and, if so, how.


Brazil

New data protection law enacted
BMA Barbosa Mussnich Aragao
  • Brazil
  • 18 September 2018

The president recently approved, with a partial veto, the Project for a General Law regarding Data Protection. The law will regulate the processing of personal data in Brazil. Even though this adaptation may be costly and time consuming, the enforcement of the law is expected to guarantee greater protection of personal data, increasing confidence in Brazil's economic environment.


Canada

Online newspaper articles and libel do not toll notice and limitation periods
  • Canada
  • 27 July 2017

An eagerly anticipated media law decision from the Ontario Court of Appeal confirms what may seem to be an obvious legal proposition: the publication of a newspaper article online is treated the same as the print version for the purposes of notice and limitation periods in a civil action – in other words, time periods governing libel actions do not start afresh each day that an online article is online.


China

Contributed by AnJie Law Firm
Cyberspace Administration of China issues rules on protection of children's personal information
  • China
  • 19 July 2019

The Cyberspace Administration of China recently held a public consultation on the Provisions on the Cyber Protection of Personal Information of Children (Draft for Comment). The draft provisions set out a number of recommendations for network operators, including formulating special rules to protect children's personal information and user agreements and employing a personal information protection specialist or designating personnel to oversee the protection of children's personal information.

Cyberspace administration releases new rules on security assessment of cross-border transfers of personal information
  • China
  • 12 July 2019

The Cyberspace Administration of China recently released the Measures on Security Assessment of Cross-Border Transfer of Personal Information (Draft for Comment). According to the draft, network operators must apply to the provincial-level cyberspace administration for a security assessment before conducting cross-border transfers. Further, network operators must record all cross-border transfers and retain the records for at least five years.

Police authorities issue guidelines on protection of personal information
  • China
  • 31 May 2019

The Security Protection Bureau of the Ministry of Public Security, the Beijing Cyber Industry Association and Research Institute Number 3 of the Ministry of Public Security recently issued the Guidelines for the Protection of Personal Information Security on the Internet, which set out a series of measures and processes for the protection of personal information. Although the guidelines appear to be non-binding, they are likely to be treated as a statute-like norm.

MIIT cracks down on intrusive telemarketing and misuse of personal information
  • China
  • 24 May 2019

Following the Chinese Central TV Station's (CCTV's) broadcast of the 3.15 programme in 2019, the Ministry of Industry and Information Technology decided to crack down on telephone harassment and strengthen the protection of personal information in the telecoms and internet sectors. The CCTV will broadcast 3.15 on 15 March each year in order to reveal company activities which infringe consumer rights and interests.

SCC continues to assess unlawful collection of personal information by apps
  • China
  • 17 May 2019

The Shanghai Consumer Council recently released the results of its assessment of 39 apps, which aimed to evaluate the level of access that they had to users' personal information. The assessment revealed that 25 apps had been over collecting users' personal information and that only 14 apps had actual service-related reasons justifying their collection of sensitive personal information.