No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Life With GDPR - Data Transfer Update
Life with GDPR - Data Transfers from EU/UK to US
Everything Compliance - The Elon Etc Edition
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Orrick Partners Matthew Coleman and Jeanine McGuinness join RegFi co-hosts Jerry Buckley and Sherry Safchuk to explore the implications of the Justice Department’s recent issuance of a final rule prohibiting and restricting...more
On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of...more
Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
On April 11, 2025, the Department of Justice's National Security Division (NSD) issued additional guidance to assist U.S. organizations in understanding and complying with the Data Security Program (DSP). As discussed in our...more
Protecting trade secrets in any business is critical, but the stakes are higher in life sciences. Given the high focus on innovation in the industry, corporate espionage can result in devastating financial and reputational...more
The Cyberspace Administration of China (CAC) released an important Q&A on cross-border data transfer requirements and policies in early April, providing clarification on a number of issues of concern to companies in China....more
On Friday, December 27, 2024, the Justice Department issued a final rule to address “urgent national security risks posed by access to U.S. sensitive personal and government-related data from countries of concern and covered...more
President Joe Biden issued Executive Order (EO) 14117 in February 2024 to mitigate national security risks posed by threat countries’ access to sensitive personal data and government-related data. The EO directed the U.S....more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Companies worldwide are witnessing a significant surge in law enforcement requests (LER), a trend that presents both a challenge and an opportunity for operational enhancement. For example, a comparison of Meta’s transparency...more
A data controller that is not a critical information infrastructure operator that cumulatively exports personal information (excluding any sensitive personal information) of less than 100,000 individuals since January 1 of...more
Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more
Learning Objectives - Data privacy compliance requires the use of privacy impact assessments and data transfer assessments - What about the value of other assessments like privacy by design, online safety, AI risk,...more
The President of India gave assent for the Digital Personal Data Protection Bill 2023 on 11 August 2023, a matter of days after it had been passed by both the Lower and Upper House. The Digital Personal Data Protection Act...more
Welcome to the first edition of our AI Legal News Summer Roundup! With both the temperature and artificial intelligence developments heating up, the time is ripe to provide periodic updates this summer on recent legal...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
In our previous posts, we discussed what data export activities are subject to scrutiny assessment (CAC Assessment) conducted by the Cyberspace Administration of China (CAC) (see Part 1) and examined what companies must do...more
In a recent alert, we painted the big picture of the security assessment conducted by the Cyberspace Administration of China (CAC) to data exporting activities from China (CAC Assessment), highlighting what data export...more
With the rapid development of the global digital economy, multinational companies (MNCs) have been forced to find legally compliant ways to transfer data across borders. In the past, many MNCs relied on data transfer...more
Key Points - President Biden has signed the long-awaited executive order implementing U.S. commitments to the new successor agreement to the Privacy Shield, the EU-U.S. Data Privacy Framework—a historic step in respect of...more
The Cybersecurity Law ("CSL"), Personal Information Protection Law ("PIPL"), and Data Security Law ("DSL") of the People's Republic of China (the "PRC") introduced a security assessment of the outbound transfer of important...more
Do you use Google Analytics? Do you tell consumers that you do not sell personal information? If you answered yes to both of those questions, then this alert is for you! The California attorney general recently took the...more
On July 7, 2022, the Cyberspace Administration of China (“CAC”) released the Security Assessment Measures of Cross-border Data Transfer ( the “Measures”) which will be effective from September 1, 2022. Previously on October...more