By Simon Berry and Daisy Shen Questions often arise about the scope of a data user’s obligations to respond to data subject access requests. Hong Kong’s Privacy Commissioner for Personal Data offers some guidance in a recently issued Guidance Note (Guidance on Proper Handling of Data Access Request and Charging of Data Access Request Fee … Continue Reading
In the run up to today’s deadline for EEA Member States to implement the EU’s revised Privacy and Electronic Communications Directive, including its new rules requiring consent to the use of cookies, the UK Department of Culture, Media and Sport (the DCMS) and the UK’s privacy regulator, the ICO, have released further guidance for businesses, … Continue Reading
Last week we posted about the fast approaching May 26 deadline for member state implementation of the EU’s revised Privacy and Electronic Communications Directive concerning cookies on web sites. We noted the relative absence of final (if any) guidance from EU jurisdictions on the approach to be taken in their respective implementations. On Monday, the UK’s privacy regulator, the Information … Continue Reading
The American Institute of Certified Public Accountants (“AICPA”) Statement of Auditing Standard No. 70, or SAS 70 as it is more commonly known, has been with us since April 1992. On 15 June 2011, it will effectively be replaced by two new standards: (i) a reporting standard for service organisations, the “Statement on Standards for … Continue Reading