Select Page

Author: Privacy Matters

HONG KONG: company director convicted for ignoring data protection investigation

By Lauren Hurcombe Organisations in Hong Kong and individuals alike, should take note and ensure they ‘treat data privacy seriously’ following the first criminal conviction for failing to comply with a lawful requirement of the Privacy Commissioner for Personal Data (“Privacy Commissioner”). The case (decided last month) concerned a director of an employment agency, which was the subject of investigation after a complaint was made alleging personal data had been transferred by the agency to a third party without the complainants consent. In responding to the complaint, the Privacy Commissioner had repeatedly tried to contact the director of the...

Read More

SINGAPORE: significant changes proposed to Singapore’s data protection law – 5 things you need to know

By Lauren Hurcombe and Carolyn Bigg Significant changes are proposed to Singapore’s data protection law, which if passed would have a material impact on organisations’ Singapore data protection compliance programmes. Here’s what you need to know so you can plan ahead. 1. No need for consent in some cases where purpose of collection is notified The amendments propose an alternative to obtaining consent for the collection, use or disclosure of personal data where obtaining consent is not practical in the circumstances (provided it would not have an adverse impact on the individual). This would be a pragmatic and welcome...

Read More

Criminal records of employees might be a privacy risk for your business

A decision of the Italian privacy authority on the illegal collection of data on criminal convictions of employees raised the issue on a practice that is quite common. We are running a number of privacy audit on companies that need to get compliant with the General Data Protection Regulation and we can verify that the practice of collecting a police clearance report (in Italian the “casellario giudiziale“) of employees is quite common, regardless of the role to be taken by such employees, just because this is a standard practice adopted with anyone hired by the company and in absence of a...

Read More

UK: Statement of Intent on GDPR Bill

The UK Government yesterday published a Statement of Intent providing further insight into the UK’s new Data Protection Bill (“Bill“). The Bill was originally announced in the Queen’s Speech in June. The Statement emphasises the commitment of the UK Government to implement the GDPR into UK law, to ensure the UK digital economy is underpinned by privacy laws that are at the forefront of global standards, and facilitate an uninterrupted flow of data between the UK and EU post-Brexit. The Statement separately sets out the Government’s commitment to adopting the Data Protection Law Enforcement Directive into UK law. It...

Read More