Closely following the establishment of the EU-US Data Privacy Framework (DPF) – see our July 2023 post – the UK has now agreed to an extension for the transfer of personal data from the UK to the US, known as the UK Extension...more
On 10 July 2023, the European Commission adopted its adequacy decision concluding that the EU-US Data Privacy Framework provides an adequate level of protection for personal data transferred from the European Union (EU) to US...more
On 13 December 2022, the European Commission issued a draft adequacy decision concluding that the EU-US Data Privacy Framework provides an adequate level of protection for personal data transferred from EU to US companies....more
China’s Personal Information Protection Law (PIPL) requires that operators of critical information infrastructure (e.g., China Mobile) and personal information processors that process personal information in an amount that...more
As explained in our previous blog post, in addition to the requirements for adopting a cross-border transfer mechanism, China’s Personal Information Protection Law (PIPL) and the European Union’s General Data Protection...more
Multinational companies often encounter questions regarding if and when they can transfer personal information across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new...more
After being laid before the UK parliament in February, the UK’s new data transfer tools (“New UK Transfer Tools”) are now in force and ready for use....more
Post-Brexit, the UK is no longer a member state of the European Union, meaning that the data protection regime that applies to UK-related processing is separate from – but currently remains similar to – that which applies to...more