Search results

[…] to the specification. For brevity, we refer to the specification for the terminology. Figure 1. A visual summary of the assessment procedure according to the specification ( page 18) Existing security certifications or third-party evaluations of the IoT device and/or its parts may be used partially as conformity evidence to complement or inform the […]

[…] processing personal data which provide a window into Indian regulators’ perspectives on these topics and may still be relevant in future legislation.  The PDP Bill provided a number of different legal bases for processing personal data, including consent but also several alternative bases which apply when processing of personal data is necessary for: compliance […]

[…] the development of personal data protection in Thailand.  Though the PDPA was passed in May 2019, it did not take effect immediately, and there have been a number of major developments in relation to the PDPA throughout 2022. In January 2022, the Thai government officially announced the appointment of the PDPC’s chairperson and members, […]

[…] exceptions are particularly crucial to the development of new technologies – but may also represent a significant increase in risk to the individuals concerned.  Panelists identified a number of areas where regulators in Latin America are currently working to issue more specific guidance on the subject of research exceptions – particularly in defining the […]

[…] limited manner by, among others, requiring an individual’s consent for collection, use, retention, or publication of information about that individual’s private life. These are complemented by a number of sector specific laws and regulations which provide for protection of personal data in a number of specific contexts, including cyberspace, healthcare, commerce, banking, and finance. […]

[…] data if they obtain consent from the data subject. However, this default rule is subject to other data protection principles (including purpose limitation) as well as a number of exceptions that apply where processing of personal data is necessary: to perform a contract to which the data subject is a party; to take steps […]

[…] the DPA, “processing” refers to any operation(s) performed upon personal information and includes collection, use, and disclosure of personal information, among others. The DPA also provides a number of exceptions for the processing of personal information by public authorities for various purposes. The stated policy aim of the DPA is to protect the fundamental […]

[…] in Australia. Role and status of consent in the jurisdiction Consent plays an important role in the Privacy Act and is relevant to the operation of a number of APPs. Though consent is not required for all collection of personal information under the APPs, consent is required for the collection of certain prescribed categories […]

[…] European law for purposes of cross-border data transfers. Role and status of consent in New Zealand Consent – which the Privacy Act calls “authorisation” – plays a number of roles in the Privacy Act but unlike in other major data protection laws internationally, is not a standalone legal basis for collecting, using, or disclosing […]

[…] In its advisory role, the PCPD is tasked with, among others, promoting public awareness and understanding of the PDPO. To that end, the PCPD has issued a number of guidelines on application of the PDPO’s requirements to specific situations or sectors. In its enforcement role, the PCPD is empowered to investigate possible contraventions of […]