Search results

[…] and unnecessary compliance costs due to contradictory requirements in Asia Pacific. Modern data protection laws should shift the onus of data protection from users to organizations, by promoting an accountability-based approach to data protection over a “consent-centric” one. Different avenues may be used to rebalance consent and privacy accountability in APAC, including through concepts […]

[…] Chinese law. This chapter is emblematic of the diversity of the objectives pursued by the text as described earlier. In these provisions, the legislator seeks both to promote responsible data transfers that respect the rights and interests of Chinese citizens, on the model of other provisions relating to transfers in “traditional” data protection laws, […]

[…] economic, and professional opportunities. If regulation is to be effective, it should focus on both technical details and the underlying values and rights that must be protected from adverse uses of AI, to ensure that AI is ultimately used to promote human dignity and welfare. A .pdf version of the printed paper is available here.

[…] to unauthorized individuals. Security best practices require that authentication be accomplished via a multi-factor system, requiring two of the three options: something you know (password or pin code, security question), something you have (a smart card, specific mobile device, or USB token), or something you are (a biometric).  Once an ID holder is authenticated, […]

[…] treatment. The Prefatory Note of a late-stage draft of the UPDPA notes that it seeks to avoid “the compliance and regulatory costs associated with the California and Virginia regimes.”  Central to the framework, however, is a useful distinction between “compatible,” “incompatible,” and “prohibited” data practices, which moves beyond a purely consent model based on […]

Last week, President Biden signed an Executive Order on “ Promoting Competition in the American Economy” (“the Order” or “the EO”), published together with an explanatory Fact Sheet. The Order outlines a sweeping agenda for a “whole of government” approach to enforcement of antitrust laws in nearly every sector of the economy. Although there […]

[…] a series of examples of intangible concrete harms, many of them traditional privacy harms, including: reputational harms, disclosure of private information, intrusion upon seclusion, and infringement of free exercise. The Court then concludes that the subset of the class who had the false information about them disclosed had suffered a reputational injury, a type […]

[…] examples of dark patterns are both clear and harmful, such as a design that tricks users into making recurring payments, or a service that offers a “ free trial” and then makes it difficult or impossible to cancel. In other cases, the presence of “nudging” may be clear, but harms may be less clear, […]

[…] the fact that the DGA and PSD2 have diverging models for fostering data-based innovation: as an illustration, while PSD2 mandates banks to share customer data with fintechs, free of charge and upon the customer’s contractual consent, the DGA centres around voluntary data sharing, for which public bodies may charge fees and data subjects are […]

[…] liability and regulation of publishers of digital content have generated significant debate since their release in February 2021. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (the Rules) have: recast the conditions to obtain ‘safe harbour’ from liability for online intermediaries, and  unveiled an extensive regulatory regime for a newly […]