EU, UK and US Trade Sanctions: Application and Latest Developments [Video Recording]
What to Expect from the Supreme Court During Obama’s Second Term
NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) - WHO WILL BE IN SCOPE? Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more
On 19 September 2023, the UK Parliament passed the Online Safety Bill (“OSB”). The OSB aims to protect individuals from illegal online content and focuses on the protection of children by requiring the removal of content that...more
In a precedential decision with potential implications for online privacy disclosures and consent practices, the Court of Appeals for the Third Circuit recently ruled that a retailer and its third-party digital marketer were...more
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more
On August 20, 2021, the Standing Committee of the National People's Congress of the People's Republic of China ("PRC") passed the Personal Information Protection Law ("PIPL"), which will come into effect on November 1, 2021. ...more
On 3 August 2021, Japan's Personal Information Protection Commission (“PPC”) published its long-awaited Guidelines on amendments enacted in 2020 (the “2020 amendments”) to Japan’s Act on the Protection of Personal Information...more
On August 20, 2021, the Standing Committee of the National People’s Congress adopted the Personal Information Protection Law of the People’s Republic of China (the “Personal Information Protection Law”). The Personal...more
China’s National People’s Congress (NPC) promulgated the Data Security Law of the People’s Republic of China (DSL) on June 10, 2021. The DSL will take effect September 1, 2021, making for a very brief transition period...more
The Standing Committee of China's National People’s Congress (NPC) on June 10 enacted the Data Security Law (DSL) which will come into effect on September 1. The NPC reviewed two earlier drafts of the DSL in July 2020 and...more
Organizations in the United States often ask us how to comply with GDPR. But starting with that question skips a key inquiry: the extent to which GDPR applies to a US company in the first place....more
It’s generally recognized that the General Data Protection Regulation (GDPR) can apply to entities outside the European Union. However, scant court rulings guide non-European controllers and processors on this question. The...more
On October 21, 2020, a draft of China’s Personal Information Protection Law (the “Draft PIPL”) was released for public comment on the website of China’s National People’s Congress – the national legislature. The comment...more
Long-awaited legislation in China—the Personal Information Protection Law of the People’s Republic of China—was released for public consultation on October 21. Once passed, the law will be the first designated personal...more
Brazil’s long-debated privacy law – the Lei Geral de Proteção de Dados (LGPD) – took effect on August 27, 2020. The LGPD is largely inspired by the European Union’s privacy regulation – the General Data Protection Regulation...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
On January 16, 2020, a federal judge held that Michigan's Personal Privacy Protection Act applies to nonresidents who are located outside the state. The decision, Lin v. Crain Communications, No. 19-11889 (E.D. Mich. January...more
Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including a review of the first year of GDPR enforcement, analysis of...more
Subject to the deadlock in parliament being broken, or an extension of the Article 50 Brexit process, the UK’s 46-year European Union membership will cease in a matter of days. ...more
The EU General Data Protection Regulation (GDPR), which revised and sought to ensure greater harmonization of the European Union’s data protection framework, took effect in May 2018. Among the changes it introduced was the...more
Have $57 million (or more) to spare? You’re going to need it if you run afoul of the EU’s General Data Protection Regulation (GDPR) without cyber insurance. In late January 2019, the French data protection authority, CNIL,...more
Significant White Collar Developments at the U.S. Department of Justice: 2018 in Review - Amid the daily barrage of news stories from the US relating to the Robert Mueller investigation, the opioid epidemic and the U.S....more
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including DOJ guidance on the use of corporate monitors in criminal...more