Sent to subscribers in September 2017

This Supplement #24 to our two-volume treatise Global Privacy and Security Law reflects a period significant transition in the European Union and European Economic Area where the member states are still working on interpreting the EU General Data Protection Regulation (GDPR) into their laws. Few countries have published any tangible information about their views on the transition to the new regime under the GDPR.

On the other hand, the Article 29 Working Party has been prolific and has published several guidelines which are detailed in our Chapter 06A. The Article 29 Working Party has already published on Guidelines on Data Protection Officers, Data Portability, and Lead Supervisory Authority. It has also published for consultation Guidelines on Data Protection Impact Assessment, and is working on additional Guidelines on the concept of Consent, which are expected to be published by the end of 2017. Details on these Guidelines are provided in Chapter 06A.

In the Middle East, Israel has significant updated its Information Security Regulations, to expand upon the old regulations to prevent the misuse of data. The new Regulations are intended to realize the objectives of the original law and include several innovations, of which the most significant are intended to protect the privacy of registered users in a computerized database.
The Asia Pacific Region has also seen sig

nificant developments. For example, in June 2017, South Korea became the fifth country to join the CBPR system. Japan and China have made significant changes to their laws governing the protection of personal information.

In Latin and South America, Uruguay has welcome the EU-US Privacy Shield and now recognizes as providing “adequate protection” the US companies that are listed on the EU-US Privacy Shield list. In Colombia, The Superintendence of Industry and Commerce of Colombia (SIC) has prepared a draft regulation with a series of dispositions, that would clarify the obligations of managers and controllers in connection with the transfer and transmission of data to thirds Countries. Chile is working on a bill that would update its current privacy law and would increase the level of privacy protection to meet the guidelines of the Organization for Economic Cooperation and Development (OECD), which Chile joined in 2010.

The global privacy and security framework keeps evolving. While technology evolves faster than laws, throughout the world, legislators and litigators are paying attention to the many uses and potential misuses of personal information.