Pursuant to President Biden’s March Executive Order, the DOJ has proposed new rules limiting the transfer of certain categories of data to “countries of concern” or “covered persons”....more
12/13/2024
/ China ,
Covered Person ,
Covered Transactions ,
Data Security ,
Department of Justice (DOJ) ,
International Data Transfers ,
Personal Data ,
Proposed Rules ,
Russia ,
Sensitive Personal Information ,
Venezuela
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers.
In...more
4/1/2024
/ China ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Free Trade Zone ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Regulations ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Regulatory Requirements ,
Risk Assessment ,
Security Risk Assessments ,
Sensitive Personal Information ,
Standard Contractual Clauses
President Biden issued an Executive Order last month calling on the DOJ and relevant government agencies to tighten regulations on bulk data transfers to “countries of concern.” In late February, President Biden issued...more
3/22/2024
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Biden Administration ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Department of Justice (DOJ) ,
Executive Orders ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Requirements
While the reform is a long way away from a certainty, it represents a departure of the UK from the EU’s strict adherence and adoption of the General Data Protection Regulation which came into effect in 2018.
Earlier this...more
3/22/2023
/ Consent ,
Cookies ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Prior Express Consent ,
Proposed Legislation ,
UK ,
UK GDPR
The new guidelines provide insight into how businesses can submit applications to the CAC in order to obtain approval via the CAC security assessment cross-border data transfer requirement.
As of September 2022, all...more
10/19/2022
/ China ,
Compliance ,
Cross-Border ,
Cybersecurity ,
Data Security ,
International Data Transfers ,
New Guidance ,
Personal Data ,
Personal Information Protection Law (PIPL) ,
Registration Requirement ,
Security Risk Assessments
The Executive Order hopes to address what had been shortcomings in the previous Safe Harbor and Privacy Shield programs that were struck down by EU courts in 2015 and 2020 respectively.
On October 7, 2022, President...more
10/11/2022
/ Biden Administration ,
Data Privacy ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
FISA ,
Foreign Intellgence ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
National Intelligence Agencies ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
Surveillance
Moving forward, businesses will need to use the updated Data Transfer Agreement or Data Transfer Addendum for any relationship or contract that contemplates the cross-border transfer of UK personal data.
As of September...more
Moving forward, businesses will need to use the updated Data Transfer Agreement or Data Transfer Addendum for any relationship or contract that contemplates the cross-border transfer of UK personal data.
As of September...more
The transfer mechanisms drive home China’s focus on data localization, as the measures all set forth cumbersome procedures and requirements, including security assessments and required contractual considerations. Despite...more
While the announcement is short on details, once in place, U.S.-based. entities will be able to use the new agreement to comply with the GDPR’s cross-border data transfer requirements.
On March 25, the U.S. and E.U....more
4/6/2022
/ Biden Administration ,
Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Intergovernmental Agreements ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The amended law comes into effect in April and covers new categories of personal information, including personal-related information and sensitive personal information.
In June 2021, Japan enacted an amendment to its privacy...more
The new mechanisms, which are likely to pass Parliament, will become effective on March 21, 2022 and will require businesses and organizations to review existing and new contracts.
The Information Commissioner’s Office...more
More, possibly similar decisions are expected in the coming months, throwing cross-Atlantic data transfers and trade into doubt as diplomats seek a Privacy Shield replacement.
In late December, the Austrian Data...more
2/3/2022
/ Analytics ,
Austria ,
Binding Corporate Rules ,
Cookies ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
FISA ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Schrems I & Schrems II ,
Standard Contractual Clauses
As drafted the new measures specify security assessment and contract requirements but leave ample room for Chinese authorities to heavily restrict cross-border data transfers.
At the end of October, China’s top privacy...more