Russia has enacted amendments to its Personal Data Law (the “Amendments”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save…
On 1 July 2021,[1] Federal Law No. 236-FZ on the Internet Activities of Foreign Entities in the Russian Federation (the “Law”)[2] came into force, requiring establishment of local presence, such…
On 1 March 2021, Federal Law No. 519-FZ on Amendments to the Federal Law on Personal Data dated 30 December 2020 (the “Law”) came into force. The Law places additional…
On 19 January 2021, the UK Information Commissioner’s Office (the “ICO”) published its September 2020 letter to the Securities and Exchange Commission (the “SEC”) analysing the GDPR’s impact on UK-based…
Hot on the heels of British Airways’ £20m fine (covered here), the UK Information Commissioner’s Office has fined Marriott £18.4m for alleged data security failings linked to the breach of…
In a long-awaited final decision, the UK Information Commissioner’s Office (the “ICO”) has issued a fine of £20m to British Airways (“BA”) following a data breach that took place in…
Today, Debevoise’s Data Strategy & Security practice (DSS) is launching a Data Blog to help clients identify and respond to emerging issues, and a Debevoise Data Portal to help clients facing a breach…