"Monsters Inc." y el tratamiento de los datos
Introducing The Crypto Exchange Podcast
Episode #7 - It's All About Latency: The Future of Data Processing and Storage
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Compliance Perspectives: Compliance, GDPR and Brexit
The CCPA for the Land Title Industry: Who Does the CCPA Apply To?
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
The enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL, together with the CSL and the DSL, “Data Security Laws”) has significantly reshaped the landscape of...more
China's Cybersecurity Law ("CSL"), Personal Information Protection Law ("PIPL") and Data Security Law ("DSL") set a series of rules and requirements for the cross-border transfer of personal information located in China....more
On February 24, 2023, the Cyberspace Administration of China (“CAC”) released its final version of the Standard Contract Measures for Exporting Personal Information (“Standard Contract Measures”), accompanied by a template...more
In recent years, alongside the rapid development of the digital economy and the concomitant increase in data generation, collection, processing and monitoring in the People’s Republic of China (PRC or China), the Chinese...more
The Personal Information Protection (PIP) Law of the People’s Republic of China (PRC) provides three legal mechanisms for a personal information processor (data controller) in the mainland PRC to transfer personal information...more
Article 38 of China’s Personal Information Protection Law (“PIPL”) enacted in 2021, which is more demanding than GDPR in Europe, provides three channels to conduct the outbound transfer or export of personal information...more
On December 16, 2022 – less than six months after the initial version (“V1.0”) was released in June 2022, and within six weeks after the draft revision was issued on November 8 – the National Information Security...more
In a recent alert, we painted the big picture of the security assessment conducted by the Cyberspace Administration of China (CAC) to data exporting activities from China (CAC Assessment), highlighting what data export...more
Under the PRC Cybersecurity Law, PRC Personal Information Protection Law and PRC Data Security Law, certain organisations (as well as individuals) are now required to conduct a security assessment of outbound transfers of...more
China’s CAC publishes guidance on cross-border data transfers, including draft standard contractual clauses and regulatory guidance on certification and security assessment. Key Points: ..Security Assessment:...more
The transfer mechanisms drive home China’s focus on data localization, as the measures all set forth cumbersome procedures and requirements, including security assessments and required contractual considerations. Despite...more
The Cyberspace Administration of China released for public consultation its long-awaited template for the cross-border data transfer agreement on June 30, 2022, under the draft Provisions on the Prescribed Agreement on...more
On November 1, 2021, the Personal Information Protection Law of the People’s Republic of China (the “PRC”) (the “Personal Information Protection Law”) went into effect, two months after the Data Security Law of the PRC (the...more
China passed its new Data Security Law ("DSL") in June 2021 and its new Personal Information Protection Law ("PIPL") in August 2021. Both new laws impact every business operating in or doing business with China, coupling...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
China had a lot of legislative movement in the area of data privacy this year. On June 10, 2021, the Data Security Law (DSL) was passed and it became effective on Sept. 1, 2021. This is a broader law applying to data...more
The Personal Information Protection Law (PIPL), which is considered the first comprehensive law on personal information protection in People’s Republic of China (PRC or China), came into effect on 1 November 2021. Prior to...more
China recently enacted its Personal Information Privacy Law (PIPL), which came into effect November 1, 2021. PIPL has global reach and broadly regulates entities of all industries that process the personal data of Chinese...more
China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. Given China’s desirability as both a market for and a source of data, companies worldwide have started making early...more
On November 1, 2021, the new Chinese Personal Information Protection Law (PIPL) will come into effect. This law is modeled after the well-known European General Data Protection Regulation (GDPR). Like the GDPR, the PIPL will...more