No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
On April 8, the U.S. Department of Justice’s (DOJ) Final Rule, codified at 28 CFR Part 202, (Final Rule), implementing President Biden’s Executive Order 14117 “Preventing Access to U.S. Sensitive Personal Data and...more
Effective as of April 8, 2025, the National Security Division of the U.S. Department of Justice (DOJ) has implemented a Data Security Program (the DSP) to address national security risks associated with the transfer of...more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
The Cyberspace Administration of China (CAC) released an important Q&A on cross-border data transfer requirements and policies in early April, providing clarification on a number of issues of concern to companies in China....more
A new U.S. federal rule restricts bulk sharing of sensitive personal information and governmental information with certain countries, for some key industries. In December 2024, the Department of Justice issued a comprehensive...more
In the final days of the Biden administration the U.S. Department of Justice (DOJ) issued a sweeping set of regulations which are in effect as of yesterday, April 8, 2025. The regulations focus on cross-border data transfers...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
On October 29, 2024, the U.S. Department of Justice (DOJ) published a proposed rule (Proposed Rule) that would restrict or prohibit certain transactions with China, Russia and other countries of concern involving U.S....more
In the context of a dawn raid under the EU Foreign Subsidy Regulation (FSR), the EU General Court (GC) has refused to suspend the European Commission (EC)’s request to access employees’ mailboxes located in China....more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
On March 22, 2024, the Cyberspace Administration of China (the "CAC") issued the highly anticipated final Regulations on Promoting and Regulating Cross-Border Data Flows (the "Regulations on Cross-Border Data Flows"),...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. Given China’s desirability as both a market for and a source of data, companies worldwide have started making early...more
On 28 May 2019, the Cyberspace Administration of China (CAC) released the “Data Security Management Measures (Draft for Comments)” (Draft Measures) (unofficial English translation here), containing detailed rules to expand...more