When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
The Cyberspace Administration of China (“CAC”) on September 28, 2023 issued the draft Provisions on the Regulation and Promotion of Cross-Border Data Flows (“draft Provisions”), just one year after China’s data export...more
On September 28, 2023, the Cyberspace Administration of China (CAC) released draft Provisions on Regulating and Promoting Cross-Border Data Flows (see the Chinese version and the unofficial English translation) for public...more
U.S.-based multinationals with employees in the People’s Republic of China (PRC) are confronting a November 30 deadline to implement China’s new cross-border data transfer mechanism—the Standard Contract. This implementation...more
The Cyberspace Administration of China (“CAC”) on August 3, 2023 published the draft Administrative Measures for Personal Information Protection Compliance Audits (“draft Measures”) for public comment through September 2,...more
As part of our Spotlight series, we welcome Todd Liao, a partner in our Shanghai office who works with clients on a wide range of complex commercial and financial transactions and legal issues involving China. Todd is a...more
On February 24, 2023, the Cyberspace Administration of China (CAC) released the much-awaited Measures for the Standard Contract for Outbound Transfer of Personal Information (China SCC Measures) together with the issuance of...more
On February 24, 2023, the Cyberspace Administration of China ("CAC") issued the long-awaited Measures on the Standard Contract for Outbound Cross-Border Transfer of Personal Information ("Measures")....more
The Cybersecurity Administration of China (the "CAC") has published guidelines concerning outbound data transfers of personal information and "important data" from China to other jurisdictions. Businesses must comply with...more
The Chinese regulatory authorities have published several new regulations and proposals in the past two months seeking to clarify the requirements of the Chinese Personal Information Protection Law (the PIPL) that came into...more
China’s internet watchdog, the Cyberspace Administration of China (CAC), has continued to tighten its regulation of internet industries and driven the formulation of many new laws and regulations in cybersecurity and data...more
The Personal Information Protection Law (PIPL), which is considered the first comprehensive law on personal information protection in People’s Republic of China (PRC or China), came into effect on 1 November 2021. Prior to...more
Two new Chinese laws dealing with data security and privacy came into force in the fall of 2021 that are likely to have an impact on many multinational companies operating in China or whose operations touch China. These two...more
China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. Given China’s desirability as both a market for and a source of data, companies worldwide have started making early...more
China’s Personal Information Protection Law, adopted August 20, 2021, becomes effective on November 1. The PIPL establishes a comprehensive data protection structure for the collection, use, and disclosure of the personal...more
On 30 July 2021, the State Council promulgated the Regulations on the Security Protection of Critical Information Infrastructure (the Regulation), which took effect on 1 September 2021. This Regulation dovetails with the...more
China recently has passed its Personal Information Protection Law. The law will take effect on 1 November 2021....more
On 20 August 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL). The PIPL has a rapid timeframe for implementation, taking effect on 1 November 2021. The brief transition period...more
When the DSL goes into effect on September 1, 2021, it will impose certain restrictions on a company's ability to transfer data out of China without the prior approval of Chinese authorities. One significant restriction is...more
On August 20, 2021, the Standing Committee of the National People’s Congress adopted the Personal Information Protection Law of the People’s Republic of China (the “Personal Information Protection Law”). The Personal...more
On August 20, 2021, China enacted the Personal Information Protection Law (PIPL), which will take effect on November 1, 2021. This legislation supplements the Cybersecurity Law enacted on November 7, 2016, the privacy rights...more
China’s long-awaited Personal Information Protection Law (PIPL), after two rounds of draft versions, was finally passed by the Standing Committee of the National People's Congress on August 20, 2021, with the law effective...more
On July 6, the General Office of the Central Committee of China’s Communist Party and the General Office of the State Council jointly issued the Opinions on Strictly Cracking Down on Illegal Securities-related Activity in...more
On June 10, 2021, almost exactly three years after the passing of its Cybersecurity Law (CSL), the National People’s Congress of China passed a new Data Security Law (DSL) (click here for an unofficial English translation of...more
China’s new Data Security Law includes more expansive and restrictive requirements on data localization, mandatory security level certification, and severe penalties on unauthorized foreign transfer of data....more
China’s National People’s Congress (NPC) promulgated the Data Security Law of the People’s Republic of China (DSL) on June 10, 2021. The DSL will take effect September 1, 2021, making for a very brief transition period...more