The UK’s Online Safety Act (OSA) 2023, which became law on 26 October 2023, imposes extensive new obligations on certain types of online service providers, requiring them to protect their users by identifying, mitigating, and...more
Closely following the establishment of the EU-US Data Privacy Framework (DPF) – see our July 2023 post – the UK has now agreed to an extension for the transfer of personal data from the UK to the US, known as the UK Extension...more
On 10 July 2023, the European Commission adopted its adequacy decision concluding that the EU-US Data Privacy Framework provides an adequate level of protection for personal data transferred from the European Union (EU) to US...more
China’s Personal Information Protection Law (PIPL) requires that operators of critical information infrastructure (e.g., China Mobile) and personal information processors that process personal information in an amount that...more
As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection...more
Multinational companies often encounter questions regarding if and when they can transfer personal information across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new...more