State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map...more
On 22 March 2024, the CAC published the final version of the Provisions on Promoting and Regulating Cross-Border Data Flows which took effect immediately and follows the draft published for consultation in September 2023. On...more
The Protecting Americans’ Data from Foreign Adversaries Act (PADFA or the Act) was signed into law by President Joe Biden on April 24 as part of a larger foreign aid appropriations bill. Although other portions of the...more
We are pleased to announce that several of the firm’s practice groups and attorneys were recognized in the 2024 edition of Chambers USA, a directory of leading law firms and attorneys. Chambers and Partners annually...more
Melissa Duffy and Trevor Coval contributed their thought leadership to the American Conference Institute’s 14th Annual Global Encryption, Cloud & Cyber Export Controls Conference, held in San Francisco on May 14-16. Melissa...more
In addition to its well-publicized move to prohibit more than 150 million Americans from posting embarrassing dance videos of themselves on TikTok (at least while it is Chinese-owned), the U.S. federal government recently...more
On April 20, 2024, the House of Representatives passed H.R.8038, the 21st Century Peace through Strength Act ("supplemental"), which includes a version of H.R.7520, the Protecting Americans' Data from Foreign Adversaries Act...more
In Part I of our alert about China’s new safe harbor rules, we discussed key developments between the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (Chinese version only) and the Provisions on...more
Six months after the Cyberspace Administration of China (the CAC) sought public consultation on the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (the Draft Provisions, Chinese version only), the...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On February 28, 2024, President Joe Biden issued a landmark Executive Order titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” (the...more
In a sweeping, coordinated effort across federal agencies, the US government has taken a giant leap forward to prevent access to data that could be exploited to the detriment of national security. On February 28, 2024,...more
On February 28, 2024, the Biden administration announced new cybersecurity-related measures, including an executive order (EO) and advance notice of proposed rulemaking (ANPRM), intended to address the bulk flow of Americans’...more
On February 28, 2024, President Biden signed Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and U.S. Government-Related Data by Countries of Concern” (the EO), under the authority of the...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
Last month, TikTok sued Montana’s attorney general—alleging the state’s recent TikTok ban is unconstitutional and is preempted by federal law. On May 17, Montana Governor Greg Gianforte signed a first-of-its-kind law...more
The U.S. government continues to increase scrutiny over certain foreign investments in the United States and critical supply chain security. On 15 September 2022, President Biden signed the “Executive Order on Ensuring Robust...more
The Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) recently submitted its Annual Report to Congress for calendar year 2021 (“Annual Report”). The report summarized the Committee’s activity...more
Outbound Data Transfer Security Review Measures - On July 7, 2022, the Cybersecurity Administration of China (“CAC”) issued the Outbound Data Transfer Security Assessment Measures (“Security Assessment Measures”) effective...more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
In Part 2 of this series, we discussed how the Personal Information Protection Law (“PIPL”), the centerpiece of China’s personal information (“PI”) protection law, needs to be read in conjunction with other relevant laws,...more
On June 10, 2021, China’s national legislature – the Standing Committee of the National People's Congress passed the Data Security Law (the “DSL”). The DSL (see here for a non-official English translation) took effect on...more
On August 20, the People’s Republic of China became the latest global economic powerhouse to pass an omnibus privacy law. Titled the Personal Information Protection Law (“PIPL”), the law was adopted by the Standing Committee...more
The Regulation on Management of Automobile Data Security (Trial) (Regulation) was passed on the 101st meeting of Cyberspace Administration of China (CAC), approved by four other Chinese ministries and officially published on...more
On August 20, 2021, the Standing Committee of the National People’s Congress (NPC) of the People’s Republic of China (PRC or China) enacted the Personal Information Protection Law (PIP Law), which will come into effect on...more