Malicious actors continue to exploit our connected digital ecosystem, disrupting organizations across all sectors. Some of the most significant evolutions in the cyber threat landscape stem from artificial intelligence...more
10/20/2025
/ Artificial Intelligence ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Deep Fake ,
Incident Response Plans ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Supply Chain ,
Third-Party Risk
With the blistering pace of AI development and deployment, regulation has struggled to keep pace. As legislators and regulators grapple with the risks involved in the use of AI and how best to control those risks (if at all),...more
INTRODUCTION -
Artificial Intelligence ("AI") tools are now widely adopted across various industries in Hong Kong. The Office of the Privacy Commissioner for Personal Data ("PCPD") conducted a number of compliance checks...more
10/6/2025
/ Artificial Intelligence ,
Data Privacy ,
Data Protection ,
Data Security ,
Hong Kong ,
Innovative Technology ,
Machine Learning ,
New Guidance ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
Artificial Intelligence ("AI") development and deployment have been at the forefront of the national agenda in China for quite some time, with the government identifying AI as a key driver for economic growth and...more
10/6/2025
/ Artificial Intelligence ,
China ,
Data Privacy ,
Data Protection ,
Ethics ,
Innovative Technology ,
New Regulations ,
Proposed Rules ,
Regulatory Oversight ,
Regulatory Reform ,
Risk Management
INTRODUCTION -
Credit Base (HK) Limited ("Credit Base"), a Hong Kong-based debt collection agency, was recently convicted of two direct marketing offences under the Personal Data (Privacy) Ordinance ("PDPO"). The West...more
10/6/2025
/ Consent ,
Data Privacy ,
Debt Collection ,
Direct Marketing ,
Enforcement Actions ,
Hong Kong ,
Opt-Outs ,
Penalties ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements
ABSTRACT -
Intellectual Property (IP) litigation can be complex, resource-intensive, and dependent on nuances like patent claim scope or trade secret definitions. But issues from underlying IP transactions or license...more
INTRODUCTION - The Protection of Critical Infrastructures (Computer Systems) Bill (the "Bill"), as the first law in Hong Kong to deal with cybersecurity was passed on 19 March 2025, and will come into force on 1 January 2026....more
The Office of the Privacy Commissioner for Personal Data (“PCPD”) released an updated version of the Information Leaflet on Legal Assistance for Civil Claims under the Personal Data (Privacy) Ordinance (“PDPO”) (the “2025...more
INTRODUCTION -
Artificial intelligence ("AI") has rapidly transitioned from experimental use to widespread adoption across Hong Kong. Organisations are now leveraging AI models to enhance customer service, improve risk...more
7/25/2025
/ Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
Data Security ,
Hong Kong ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
INTRODUCTION -
Almost eight years after the Cybersecurity Law (“CSL”) came into force in the PRC in 2017, the Cyberspace Administration of China (“CAC”) issued draft amendments to the CSL (“2025 Draft Amendments”) on 28...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
4/28/2025
/ Audits ,
China ,
Data Controller ,
Data Privacy ,
Data Protection ,
Data Security ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements ,
Reporting Requirements
The Guangzhou Internet Court (the “Court”) recently issued its first judgment involving the cross-border transfer of personal data under the Personal Information Protection Law (“PIPL”).1 An international hotel group was...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
12/24/2024
/ China ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Extraterritoriality Rules ,
International Data Transfers ,
New Regulations ,
Regulatory Reform ,
Regulatory Requirements
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
INTRODUCTION -
On 28 October 2024, the Financial Services and Treasury Bureau ("FSTB") of Hong Kong issued a policy statement on the responsible application of artificial intelligence ("AI") in the financial market...more
Malaysia's Cyber Security Act 2024 ("CSA") came into effect on 26 August 2024, establishing regulatory standards for the nation's cyber defences and marking a significant step forward in resilience against cyber threats. The...more
In early July 2024, the Hong Kong SAR Government released a proposal for the regulation of Critical Infrastructure Operators (CIOs) and Critical Computer Systems (CCS) (Proposed Framework) for consultation. The consultation...more
INTRODUCTION -
In August 2024, the Hong Kong Office of the Privacy Commissioner for Personal Data (“PCPD”) released a revision of the “Code of Practice on the Identity Card Number and other Personal Identifiers: Compliance...more
INTRODUCTION -
The acceleration of the rate of cyber-attacks against companies in Hong Kong in the last year or so (with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of...more
Hong Kong has witnessed a notable surge in cyber breach incidents in recent years. The cyberattacks have affected various organisations across the public, private and non-profit sector. Cybersecurity incidents recorded a...more
INTRODUCTION -
The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
7/24/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Data Security ,
Hong Kong ,
Personally Identifiable Information ,
Regulatory Agenda
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
INTRODUCTION -
The rapid development of Artificial Intelligence (AI) has generated much excitement over the past two years. Since the public launch of Open AI's ChatGPT on 30 November 2022, generative AI and its...more
The rapid development of artificial intelligence (“AI”), together with the increased number of commercial use cases made possible by generative AI (“Gen AI”), have brought about a wave of new opportunities for businesses...more