CAC issues Standard Contract Measures for Exports of Personal Information

The Cyberspace Administration of China (‘CAC’) announced, on 24 February 2023, the publication of the Standard Contract Measures for Exporting Personal Information, which were adopted on 3 February 2023. In particular, the CAC highlighted that the measures apply to personal information processors who provide personal information outside the People’s Republic of China by concluding a standard personal information export contract with an overseas recipient.

France: CNIL publishes dossier regarding use of digital identity

The French data protection authority (‘CNIL’) published, on 23 March 2023, a thematic dossier on digital identity. In particular, CNIL highlighted that the dossier defines the concept of digital identity, the issues surrounding the usage of digital identity, and obligations for organisations using digital identities..

UK: ICO issues guidance on assessing applicability of Children’s Code

The Information Commissioner’s Office (‘ICO’) announced, on 24 March 2023, that it had issued draft guidance on the Age Appropriate Design Code, also known as the Children’s Code, which applies to ‘information society services likely to be accessed by children’ in the UK, and had launched a public consultation on the same. In particular, the ICO’s draft guidance is focused on the meaning of ‘likely to be accessed’ in the context of the Children’s Code. Accordingly, the ICO stated that the draft guidance aims to support information society service providers to assess whether children are likely to access their service, and includes frequently asked questions (‘FAQs’), list of factors, and case studies.