No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
On April 8, the U.S. Department of Justice’s (DOJ) Final Rule, codified at 28 CFR Part 202, (Final Rule), implementing President Biden’s Executive Order 14117 “Preventing Access to U.S. Sensitive Personal Data and...more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
In a Press Release issued April 11, 2025, the U.S. Department of Justice (“DOJ”) indicated that it would prioritize “facilitating compliance” over civil enforcement actions for the first 90 days of its new US-China data...more
A new U.S. federal rule restricts bulk sharing of sensitive personal information and governmental information with certain countries, for some key industries. In December 2024, the Department of Justice issued a comprehensive...more
In the final days of the Biden administration the U.S. Department of Justice (DOJ) issued a sweeping set of regulations which are in effect as of yesterday, April 8, 2025. The regulations focus on cross-border data transfers...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
Today, April 8, 2025, the U.S. Department of Justice’s Final Rule restricting transfers of bulk sensitive personal data and U.S. government-related data becomes effective, implementing former President Biden’s Executive Order...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
The Department of Justice has finalized prohibitions and restrictions on cross-border transfers of certain data to China and other “Countries of Concern” (as defined below). It seeks to address what is, in the U.S....more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more
The Guangzhou Internet Court (the “Court”) recently issued its first judgment involving the cross-border transfer of personal data under the Personal Information Protection Law (“PIPL”).1 An international hotel group was...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map...more
On 22 March 2024, the CAC published the final version of the Provisions on Promoting and Regulating Cross-Border Data Flows which took effect immediately and follows the draft published for consultation in September 2023. On...more
Employers and businesses are in limbo on how to prepare for a post-TikTok world after Congress passed legislation giving the social media app’s Chinese owner nine months to either sell the company or be banned throughout the...more
On March 22, 2024, the Cybersecurity Administration of China (CAC), issued the long-awaited new Regulations on Promoting and Regulating Cross-Border Data Flows (the New Regulations) for compliance with China's Personal...more
Six months after the release of the draft Provisions on Regulating and Facilitating Cross-Border Data Flow, the Cyberspace Administration of China (CAC) officially released the long-awaited finalized Provisions on...more
On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more
On 22 March, 2024, the Cyberspace Administration of China (“CAC”) finalized its Provisions to Promote and Regulate Cross-Border Data Transfers (“Final Provisions”). The Final Provisions were long anticipated following a...more