The regulatory landscape in China around data protection and flows continues to develop. Since the 2017 Cybersecurity Law, China has been refining the legal and regulatory framework for data protection—it has implemented new laws and regulations that set comprehensive rules
Latest from The Global Privacy Watch
China Releases Draft Measures on Security Assessment of Cross-Border Data Transfer
On October 29, 2021, the Cyberspace Administration of China (“CAC”) published the “Draft Measures on Security Assessment of Cross-Border Data Transfer” (“Draft Measures”) for public comment, which outlines the requirements for security assessments on cross-border data transfers. The CAC had
China’s New Data Security Law
Introduction
On June 10, 2021, China officially passed China’s first Data Security Law, which will take effect on September 1, 2021. Following the introduction of the Data Security Law, together with the Cybersecurity Law, which has been implemented since June 1, 2017, and the Personal
China Released Second Draft of Personal Information Protection Law
On April 29, 2021, the national legislator in China released the second draft of the Personal Information Protection Law (“PIPL”) to collect public comments until May 28, 2021. The updated draft substantially follows the framework of the first draft, which
Out With the Old, In With the New: New GDPR Standard Contractual Clauses
In a long awaited decision, the European Commission (“Commission’) adopted two new sets of standard contractual clauses (“SCCs”) to reflect the EU’s General Data Protection Regulation (“EU GDPR”) and ‘the realities faced by modern business’ (see the Commission’s press release
What President Biden’s New Executive Order Means for the Cybersecurity of the United States
Seyfarth Synopsis: On May 12, 2021, President Joe Biden issued a very broad, 34 page “Executive Order on Improving the Nation’s Cybersecurity.” The Executive Order, or “EO”, can be found here. This order comes six months after the notorious SolarWinds
Upcoming Seyfarth Webinar: Responding with Strength to the SolarWinds Attack – May 26, 2021
There have been seminal events in the cybersecurity space since 2012, but there has likely been no event in recent times bigger than the SolarWinds attack which was first announced in December 2020. Though it likely had “nation-state” origins, the
Overview of Technology and Data Privacy Issues Arising from COVID Passports
This was originally published as a Seyfarth Legal Update.
Seyfarth Synopsis: As the world progresses with COVID vaccinations, the scenario where you have to show a COVID passport before crossing a border, taking a public mode of transportation, or
Portland, OR and New York City Follow Illinois’ Lead on Private Rights of Action in Biometric Privacy Legislation
Seyfarth Synopsis: Both Portland and New York City have followed the example set by Illinois’ Biometric Information Privacy Act (“BIPA”), a statute that has spawned thousands of cookie-cutter class action suits regarding the alleged collection of biometric information. Like BIPA,
Maryland Joins Growing Number Of States Introducing Biometric Information Privacy Bills With Potential To Spur Class Action Litigation
Cross-posted from Seyfarth’s Workplace Class Action Blog.
Seyfarth Synopsis: Following in the footsteps of New York, Maryland recently introduced a standalone biometric information privacy bill, House Bill 218, that mirrors Illinois’ highly litigious Biometric Information Privacy Act (740