The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
يُعد نظام حماية البيانات الشخصية (النظام) أول نظام شامل لحماية البيانات في المملكة العربية السعودية. من المتوقع أن تبدأ الهيئة السعودية للبيانات والذكاء الاصطناعي (الهيئة) في الإنفاذ الكامل للنظام اعتبارًا من 14 سبتمبر 2024،...more
On 19 September 2023, the UK Parliament passed the Online Safety Bill (“OSB”). The OSB aims to protect individuals from illegal online content and focuses on the protection of children by requiring the removal of content that...more
The European Parliament and the Council of the European Union adopted the European Data Act on June 28 after lengthy negotiations. The Data Act creates a legal framework for a single European data market, and its key...more
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
Multinational entities with operations in or having business with the People’s Republic of China (PRC) should take note of the PRC’s new Personal Information Protection Law (PIPL), which took effect on 1 November 2021 and is...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
On November 19 the European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3 of the GDPR (which establishes the GDPR’s territorial scope), and the GDPR’s international transfer...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
China has recently joined the list of countries that have adopted the world’s strictest data-privacy laws. Given China’s desirability as both a market for and a source of data, companies worldwide have started making early...more
The PIPL imposes extensive obligations on organizations and individuals engaged in "handling" of personal information, which is defined to include "collection, storage, use, processing, transmission, provision, disclosure,...more
On 3 August 2021, Japan's Personal Information Protection Commission (“PPC”) published its long-awaited Guidelines on amendments enacted in 2020 (the “2020 amendments”) to Japan’s Act on the Protection of Personal Information...more
China’s Personal Information Protection Law (PIPL or the final version), following the first two readings in October 2020 and April 2021, was adopted on August 20, 2021 and will become effective on November 1, 2021. The final...more
On August 20, 2021, the Standing Committee of the National People’s Congress adopted the Personal Information Protection Law of the People’s Republic of China (the “Personal Information Protection Law”). The Personal...more
China’s National People’s Congress (NPC) promulgated the Data Security Law of the People’s Republic of China (DSL) on June 10, 2021. The DSL will take effect September 1, 2021, making for a very brief transition period...more
In the first case of its kind, the High Court of England & Wales has considered the limits on the extraterritorial reach of the European Data Protection Regulation (GDPR). ...more
Organizations in the United States often ask us how to comply with GDPR. But starting with that question skips a key inquiry: the extent to which GDPR applies to a US company in the first place....more
It’s generally recognized that the General Data Protection Regulation (GDPR) can apply to entities outside the European Union. However, scant court rulings guide non-European controllers and processors on this question. The...more
On October 21, 2020, a draft of China’s Personal Information Protection Law (the “Draft PIPL”) was released for public comment on the website of China’s National People’s Congress – the national legislature. The comment...more
Long-awaited legislation in China—the Personal Information Protection Law of the People’s Republic of China—was released for public consultation on October 21. Once passed, the law will be the first designated personal...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more
The Situation: The United Kingdom is due to leave the European Union ("EU") on 31 October 2019. Negotiations between member states of the EU excluding the United Kingdom ("EU27") and the United Kingdom are ongoing, but it is...more
Recent laws—such as the 2016 Sapin 2 Law and the new EU General Data Protection Regulation—provide for rules that are intended to ensure compliance with the French Blocking Statute, which prohibits any French party from...more
Why does this topic matter to organisations? The GDPR does not necessarily apply to every organisation in the world. It applies to all organisations that are established in the EU. However, for organisations established...more
Evidence gathering differs greatly between common law and civil law jurisdictions. For example, while a U.S. judge may in many instances allow extensive pretrial discovery, a French judge would generally consider nearly any...more