When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
In one of the most clear-eyed and sobering assessments of the cyberthreat China poses to our nation’s critical infrastructure, the country’s foremost cybersecurity leaders recently testified that the Chinese Communist Party...more
Editor’s Note: On January 18, 2023, HaystackID shared an educational webcast on China’s emerging statutes and regulations governing the processing, disclosure, and transfer of data. As Chinese entities increasingly become...more
Editor’s Note: On July 27, 2022, HaystackID shared an educational webcast on the topic of Committee on Foreign Investment in the United States (CFIUS) compliance. CFIUS is a U.S. government interagency committee with the...more
“Data export” refers to the overseas transfer from China of data collected and generated within China, as well as the scenario in which a foreign entity or foreign individual is granted the authority to access to any data...more
A joint advisory issued June 7, 2022, by the Cybersecurity & Infrastructure Security Agency, FBI and the National Security Agency entitled “People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and...more
Unless you’ve been completely disconnected from the internet for the past year, you’ve undoubtedly read about the passage of a number of state and international laws addressing privacy and cybersecurity. Does this mean that...more
Recently, thirteen relevant Chinese government agencies (e.g. Cyberspace Administration of China, National Development and Reform Commission of China, China Securities Regulatory Commission, etc.) jointly released amended...more
The Cyberspace Administration of China (the "CAC"), in conjunction with 12 other government departments (collectively, the "Working Mechanism"), issued the New Measures for Cybersecurity Review (the "New Measures") on January...more
On 30 July 2021, the State Council promulgated the Regulations on the Security Protection of Critical Information Infrastructure (the Regulation), which took effect on 1 September 2021. This Regulation dovetails with the...more
On August 20, 2021, China passed its first general data protection law, called the Personal Information Protection Law (“PIPL”). The law is set to take effect on November 1, 2021 (two months away), and it applies to both (1)...more
China’s State Council on August 17 released the Critical Information Infrastructure Security Protection Regulations (“Regulations”) effective September 1, a key administrative regulation in the implementation of the 2016...more
Recent U.S. IPOs of Chinese companies prompt data security concerns among government authorities, leading to a tightening of cyber regulations. Cybersecurity review will be mandatory for (i) purchase of network products and...more
On June 10, 2021, the Standing Committee of the 13th National People's Congress passed the long awaited People's Republic of China (China) Data Security Law ("DSL") after a final read of the third draft. The DSL, which takes...more
The COVID-19 pandemic and the serious supply chain vulnerabilities it exposed have led to a seismic shift in U.S. policy and regulation, from stepped-up measures to protect U.S. technology, intellectual property and data from...more
The new measure, which will come into effect on June 1, 2020, will potentially affect operators of critical information infrastructures as well as their domestic and overseas suppliers. Affected companies should now take...more
Data protection authorities from around the world are stepping in to provide their input and guidance on the matter of data processing activities and the fight against the coronavirus. Hogan Lovells’ global Privacy and...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People's Republic of China Encryption Law ended with its promulgation on 26 October 2019. It will take effect on 1 January...more
Increasing numbers of initiatives, devices, and solutions related to the Internet of Things (IoT) are substantially impacting the development of cybersecurity and data privacy regulations throughout Asia. ...more
In the final days of 2017, the vice chairman of the Standing Committee of China’s National People’s Congress (NPC) submitted a report to the Standing Committee of the NPC detailing the Network Security Law enforcement...more
China’s new data protection framework clearly creates a requirement for local storage and conducting a security assessment before personal information or important data is shared with other jurisdictions, but it is currently...more
Since the Cybersecurity Law of China took effect three months ago, various peripheral regulations have been published by the Cyberspace Administration of China (CAC) and other related agencies. These regulations have...more
Another step forward filling in blanks in the cyber security law or more questions than answers? On 11 July 2017, the China Cyberspace Administration ("CAC") released the draft Key Security ("Draft Regulations") for public...more