Claudia Chan

Subscribe to Claudia Chan's Posts

On October 9, 2025, the European Commission (EC) and the European Data Protection Board (EDPB) published Draft Guidance on the interplay between the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR, and the Draft Guidance).Continue Reading Connecting Competition and Privacy: EU Regulators Release Draft Guidance on DMA and GDPR Interplay

On July 14, 2025, the European Commission (EC) published its guidelines (the Guidelines) on the protection of minors online. These Guidelines, which were initially released for consultation in May 2025, provide direction for online platforms on the steps they can take to comply with their duties to protect the privacy, safety, and security of minors under the EU’s Digital Services Act (DSA). They focus on assessing and mitigating platform risks, the appropriate use of age assurance, and measures that should be taken to protect minors from manipulative commercial practices.Continue Reading European Commission Publishes DSA Guidelines on the Protection of Minors Online

Consumer protection in digital markets has become a major public concern in recent years, and the UK is the latest jurisdiction to introduce legislation aimed at enhancing protections online. The Digital Markets, Competition, and Consumers Act (DMCCA or the Act) introduces significant overhauls to the UK’s legal framework, with implications for businesses with online operations.Continue Reading Consumer Protection in the UK: Update on Reforms Taking Effect in 2025 and 2026

On June 19, 2025, the UK Data (Use and Access) Act 2025 was enacted, marking the culmination of a lengthy legislative process aimed at reshaping aspects of the country’s data protection regime. First proposed in 2021 as part of a government strategy titled, “Data: a new direction,” the legislation has undergone several rounds of revision since its initial introduction. Its passage reflects the UK’s desire to diverge, in measured ways, from the EU’s approach to data regulation in the post-Brexit landscape.Continue Reading UK Introduces New Legislation Amending Privacy Laws

On May 13, 2025, the European Commission (EC) published draft guidelines on the protection of minors online. The guidelines outline the proposed measures that the EC expects online platforms accessible to minors to take to protect minors’ privacy, safety, and security in line with requirements under the Digital Services Act (DSA).Continue Reading EU Commission Launches DSA Consultation on the Protection of Minors Online

On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report all ransomware incidents, but also to declare whether they intend to pay a ransom. The government also announced that it proposes to ban public bodies and infrastructure providers from making ransom payments to cyber attackers. A public consultation is open until April 8, 2025.Continue Reading Ransomware Attacks: UK Government Proposes Ransom Payment Ban and Mandatory Notification Requirements