The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
Please take note! 1.SchremsII and cross border transfers: Risk based, wherefore art thou? With the Google Analytics, Google Fonts, Amazon AWS, Google Workspace other cases, the SchremsII and DPA guidance is piling up....more
As we have written in the past, APEC’s Cross-Border Privacy Rules (CBPR) program is intended to help companies more easily transfer personal data across borders. Participating companies complete self-assessments and...more
On June 10, 2021, China’s national legislature – the Standing Committee of the National People's Congress passed the Data Security Law (the “DSL”). The DSL (see here for a non-official English translation) took effect on...more
On August 20, 2021, the Standing Committee of the National People’s Congress (NPC) of the People’s Republic of China (PRC or China) enacted the Personal Information Protection Law (PIP Law), which will come into effect on...more
It is no overstatement to say that 2019 saw a torrid pace of development of Asia-Pacific region data protection and cybersecurity laws. Such was the rate and complexity of change that it is not straightforward to distil...more
General Data Protection Regulation (GDPR) Published, Commencing Two-Year Countdown to Application. One of the most important EU legislative initiatives in recent years, and a landmark in privacy regulation worldwide, the GDPR...more