Extraterritoriality — RICO Report Podcast
EU, UK and US Trade Sanctions: Application and Latest Developments [Video Recording]
What to Expect from the Supreme Court During Obama’s Second Term
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
يُعد نظام حماية البيانات الشخصية (النظام) أول نظام شامل لحماية البيانات في المملكة العربية السعودية. من المتوقع أن تبدأ الهيئة السعودية للبيانات والذكاء الاصطناعي (الهيئة) في الإنفاذ الكامل للنظام اعتبارًا من 14 سبتمبر 2024،...more
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
On November 19 the European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3 of the GDPR (which establishes the GDPR’s territorial scope), and the GDPR’s international transfer...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. Given China’s desirability as both a market for and a source of data, companies worldwide have started making early...more
On 3 August 2021, Japan's Personal Information Protection Commission (“PPC”) published its long-awaited Guidelines on amendments enacted in 2020 (the “2020 amendments”) to Japan’s Act on the Protection of Personal Information...more
China’s Personal Information Protection Law (PIPL or the final version), following the first two readings in October 2020 and April 2021, was adopted on August 20, 2021 and will become effective on November 1, 2021. The final...more
China’s National People’s Congress (NPC) promulgated the Data Security Law of the People’s Republic of China (DSL) on June 10, 2021. The DSL will take effect September 1, 2021, making for a very brief transition period...more
In the first case of its kind, the High Court of England & Wales has considered the limits on the extraterritorial reach of the European Data Protection Regulation (GDPR). ...more
It’s generally recognized that the General Data Protection Regulation (GDPR) can apply to entities outside the European Union. However, scant court rulings guide non-European controllers and processors on this question. The...more
On October 21, 2020, a draft of China’s Personal Information Protection Law (the “Draft PIPL”) was released for public comment on the website of China’s National People’s Congress – the national legislature. The comment...more
Long-awaited legislation in China—the Personal Information Protection Law of the People’s Republic of China—was released for public consultation on October 21. Once passed, the law will be the first designated personal...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more
The Situation: The United Kingdom is due to leave the European Union ("EU") on 31 October 2019. Negotiations between member states of the EU excluding the United Kingdom ("EU27") and the United Kingdom are ongoing, but it is...more
Why does this topic matter to organisations? The GDPR does not necessarily apply to every organisation in the world. It applies to all organisations that are established in the EU. However, for organisations established...more
The EU General Data Protection Regulation (GDPR), which revised and sought to ensure greater harmonization of the European Union’s data protection framework, took effect in May 2018. Among the changes it introduced was the...more
Data protection laws in Europe evolved substantially in 2018, with the implementation of the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) becoming...more
Since the General Data Protection Regulation (“GDPR”) took effect on May 25, 2018, US companies without facilities or employees in Europe have struggled to understand the extraterritorial scope of the GDPR....more
Throughout history, people have waged sectarian fights to protect their beliefs. The Europeans, sitting at a crossroads of two major religions charged with converting the unenlightened, have a particularly combative past. ...more
A lot has been written about the European Union’s new General Data Protection Regulation (GDPR), which became effective May 25, 2018. Colleges and universities are still sorting through whether it applies to them and how it...more
What is the GDPR? The European General Data Protection Regulation (GDPR) is a new law going into effect on May 25, 2018 that grants European residents broad, never-before-recognized data privacy rights, and imposes...more