No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
Data privacy laws are evolving rapidly worldwide, with jurisdictions such as California, Japan, Canada, and Brazil adopting frameworks inspired by the EU’s General Data Protection Regulation (GDPR). Businesses operating...more
As global trade policy evolves faster than ever, now is the time to connect with your peers, discover new strategies, and most importantly, hear from the regulatory agencies on the front lines of policy change. ACI’s 15th...more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
It is hard to believe that another year is upon us! As we have done in years past (including 2023, 2022, 2021, 2020, 2019 and 2018), we have created a comprehensive resource of all our www.eyeonprivacy.com posts from 2024. As...more
On December 27, 2024, the US Department of Justice (DOJ) issued a final rule establishing a new national security program to prevent access to Americans’ bulk sensitive personal data and government-related data by China...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
The Guangzhou Internet Court (the “Court”) recently issued its first judgment involving the cross-border transfer of personal data under the Personal Information Protection Law (“PIPL”).1 An international hotel group was...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
The Guangzhou Internet Court released the first ruling interpreting the requirements for cross-border transfer of personal information under the Personal Information Protection Law (PIPL). This case has significant...more
Confidence Staveley is the founder and CEO of Cybersafe Foundation, Africa's leading nongovernmental organization dedicated to digital development. Her mission is to ensure inclusive and safe digital access across Africa. ...more
In July 2023, the European Commission adopted an adequacy decision for the EU-US Data Privacy Framework (DPF), as we previously reported. This permitted the free flow of personal data from the EU to DPF participating...more
On August 7, 2024, after three years of negotiation, the United Nation’s Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal...more
In this episode of The Privacy Insider Podcast, host Arlo Gilbert is joined by Rachael Ormiston, Head of Privacy at Osano, to dive into the complex world of U.S. privacy regulations. How does the U.S. view privacy differently...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
In this Essential Guide, part of Orrick’s Cybersecurity & Privacy Compass Series, we offer insights into the Cyberspace Administration of China's (CAC) new rules and requirements for cross-border data transfers. The...more
On March 22, 2024, the Cybersecurity Administration of China (CAC), issued the long-awaited new Regulations on Promoting and Regulating Cross-Border Data Flows (the New Regulations) for compliance with China's Personal...more
Six months after the release of the draft Provisions on Regulating and Facilitating Cross-Border Data Flow, the Cyberspace Administration of China (CAC) officially released the long-awaited finalized Provisions on...more
On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more
On 22 March, 2024, the Cyberspace Administration of China (“CAC”) finalized its Provisions to Promote and Regulate Cross-Border Data Transfers (“Final Provisions”). The Final Provisions were long anticipated following a...more
The enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL, together with the CSL and the DSL, “Data Security Laws”) has significantly reshaped the landscape of...more
China has passed provisions which relax the current cross-border data transfer mechanisms. This comes as welcome news to the international business community, especially those with the need to export data from China in the...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more