Carolyn Bigg

Carolyn Bigg

DLA Piper

Contact
View Bio
RSS

Latest Posts › Data Privacy

Share:

CHINA: Definition and Handling of Sensitive Personal Information Helpfully Clarified

It’s well-known that China’s data protection laws define sensitive personal information very differently to other jurisdictions. Instead of a closed list of data types, sensitive personal information in China has...more

7/28/2025  /  China , Compliance , Data Privacy , Data Protection , Data Security , New Regulations , Personal Information , Privacy Laws , Regulatory Requirements , Sensitive Personal Information

CHINA: DPOs Must Be Registered Before 29 August 2025

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

7/21/2025  /  China , Compliance , Cybersecurity , Data Controller , Data Privacy , Data Protection , Data Protection Authority , Personal Data , Registration Requirement , Regulatory Requirements , Reporting Requirements

CHINA: Recent Enforcement Trends

Recently, the Cyberspace Administration of China (CAC), which is the primary data regulator in China, published a newsletter about the government authorities’ enforcement of Apps and websites that violated personal data...more

3/12/2025  /  China , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Enforcement Actions , Personal Data , Privacy Laws

Malaysia: Guidelines Issued on Data Breach Notification and Data Protection Officer Appointment

Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more

3/4/2025  /  Data Breach , Data Privacy , Data Protection , Data Protection Officers (DPOs) , Data Security , Malaysia , Personal Data , Popular , Privacy Laws , Regulatory Requirements

CHINA: Mandatory Data Protection Compliance Audits from 1 May 2025

Chinese data regulators are intensifying their focus on the data protection compliance audit obligations under the Personal Information Protection Law (“PIPL“), with the release of the Administrative Measures for Personal...more

2/20/2025  /  China , Compliance , Data Privacy , Data Protection , Incident Response Plans , Personal Data , Personal Information , Personal Information Protection Law (PIPL) , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Risk Management

CHINA: Draft Regulation on Certification for Cross-Border Data Transfers Published

On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more

1/14/2025  /  Certification Requirements , China , Data Privacy , Data Protection , Data Security , International Data Transfers , Personal Data , Regulatory Agenda , Regulatory Requirements , Standard Contractual Clauses

VIETNAM, MALAYSIA AND INDONESIA: What You Need to Know About the New SE Asia Data Protection Laws

It’s the turn of South-East Asian countries to update their data protection laws. Here is our summary of the proposed new data protection laws in Vietnam, Malaysia and Indonesia. Organisations are advised to update their data...more

11/7/2024  /  Compliance , Data Privacy , Data Protection Authority , Indonesia , Malaysia , Personal Data , Regulatory Requirements , Reporting Requirements , Sensitive Personal Information , Vietnam

CHINA: Enhanced and Clarified Data Compliance Obligations on Handlers of “Network Data”, Covering Personal Information and...

Additional and clarified data compliance obligations will soon come into force under the long-awaited Network Data Security Management Regulation (“Regulation“), which was released on 30 September 2024. The Regulation is...more

10/17/2024  /  China , Compliance , Data Privacy , Data Processors , Data Security , Online Platforms , Personal Data , Personal Information , Personal Information Protection Law (PIPL) , Risk Mitigation

CHINA: Mandatory Data Protection Compliance (Self) Audits on Their Way

The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more

9/3/2024  /  Audits , China , Compliance , Data Privacy , Data Processors , Data Protection , Data Security , International Data Transfers , Personal Data , Personal Information , Personal Information Protection Law (PIPL) , Regulatory Requirements

China: Important New Guidance on Defining Sensitive Personal Information

While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map...more

8/23/2024  /  China , Consent , Data Controller , Data Privacy , Data Security , Draft Guidance , International Data Transfers , Personal Information , Personal Information Protection Law (PIPL) , Sensitive Personal Information
10 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide