Publication
UK failure to prevent fraud offence: What do you need to do now?
A new “failure to prevent fraud” offence has been introduced as part of the Economic Crime and Corporate Transparency Act (the Act).
China issues revised draft of the personal information security specification for consultation
China | Publication | March 2019
On February 1, 2019, the PRC State Administration for Market Regulation and the PRC Standardisation Administration jointly issued a draft Information Security Technology – Personal Information Security Specification (the Personal Information Security Specification or the Updated Version), along with a request for public comments.
The draft Personal Information Security Specification is an updated version of an earlier specification, which had become effective on May 1, 2018 (the Original Version). The Updated Version further implements requirements of personal data protection under the PRC Cyber Security Law, and is in line with relevant PRC laws issued recently – for example, the PRC E-Commerce Law (effective as of January 1, 2019).
Compared with the Original Version, the Updated Version includes the following major changes.
The Updated Version adds a definition of “personalised display” and regulations relating to this new concept.
Under the Updated Version
The Updated Version provides for certain rules in situations where personal data is collected for a third party product or service that has been incorporated or inserted into the master product or service.
In such situation, the data controller of the master product or service must
The Updated Version enhances risk management requirements for data controllers by laying down obligations for setting up a personal information security committee or designated personnel in charge of personal data protection, and their respective responsibilities and liabilities for personal data protection matters.
It has been just nine months since the Original Version was implemented that an Updated Version is now subject to consultation. This reflects the efforts made by Chinese regulators to promulgate new rules to improve regulation of personal data matters, and is aligned with multiple enforcement activities undertaken by Chinese authorities in the past months.
Although the Updated Version is still in draft form, we expect that the Personal Information Security Specification will soon be finalised and take effect. Once that occurs, it ought to be regarded as an example of good practice and practical supplementation guidance for personal information protection under the framework and requirements of the PRC Cyber Security Law.
It is possible, however, that the Updated Version could still be subject to further change before it is finalised. We will monitor any changes in relation to the Updated Version and other Chinese data and cybersecurity regulatory requirements and provide corresponding updates where appropriate.
Publication
A new “failure to prevent fraud” offence has been introduced as part of the Economic Crime and Corporate Transparency Act (the Act).
Publication
On April 11 - 12, Luxatia International held the 4th World Legal Operations Summit in Berlin. Tom Evans, senior consultant in our Legal Operations Consulting Team, shared his tips for driving effective change management and leading successful transformation projects.
Publication
On May 14, 2024, Lena Haffner, Innovation Lead Germany at Norton Rose Fulbright, shared her insights on “How do you make a law firm AI ready?" at Legal Revolution 2024, one of Europe’s leading conferences in legal innovation and technology. Her lecture focused on developing a comprehensive roadmap for integrating AI into law firms, emphasizing the importance of developing a robust AI strategy and fostering an innovation-ready culture. Key topics covered in the lecture included strategic planning, skills development, multidisciplinary teamwork, and strong AI governance.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023