Carolyn Bigg

Carolyn Bigg

DLA Piper

Contact
View Bio
RSS

Latest Posts › Data Protection

Share:

CHINA: Definition and Handling of Sensitive Personal Information Helpfully Clarified

It’s well-known that China’s data protection laws define sensitive personal information very differently to other jurisdictions. Instead of a closed list of data types, sensitive personal information in China has...more

7/28/2025  /  China , Compliance , Data Privacy , Data Protection , Data Security , New Regulations , Personal Information , Privacy Laws , Regulatory Requirements , Sensitive Personal Information

CHINA: DPOs Must Be Registered Before 29 August 2025

While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more

7/21/2025  /  China , Compliance , Cybersecurity , Data Controller , Data Privacy , Data Protection , Data Protection Authority , Personal Data , Registration Requirement , Regulatory Requirements , Reporting Requirements

China Released New Measures for Labelling AI-Generated and Synthetic Content

On 14 March 2025, the Measures for the Labelling of Artificial Intelligence-Generated and Synthetic Content (Measures) was jointly released by four Chinese government agencies, namely the Cyberspace Administration of China,...more

3/24/2025  /  Artificial Intelligence , China , Cybersecurity , Data Protection , Labeling , New Regulations , Regulatory Agenda , Regulatory Requirements , Technology Sector

CHINA: Recent Enforcement Trends

Recently, the Cyberspace Administration of China (CAC), which is the primary data regulator in China, published a newsletter about the government authorities’ enforcement of Apps and websites that violated personal data...more

3/12/2025  /  China , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Enforcement Actions , Personal Data , Privacy Laws

Malaysia: Guidelines Issued on Data Breach Notification and Data Protection Officer Appointment

Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more

3/4/2025  /  Data Breach , Data Privacy , Data Protection , Data Protection Officers (DPOs) , Data Security , Malaysia , Personal Data , Popular , Privacy Laws , Regulatory Requirements

CHINA: Mandatory Data Protection Compliance Audits from 1 May 2025

Chinese data regulators are intensifying their focus on the data protection compliance audit obligations under the Personal Information Protection Law (“PIPL“), with the release of the Administrative Measures for Personal...more

2/20/2025  /  China , Compliance , Data Privacy , Data Protection , Incident Response Plans , Personal Data , Personal Information , Personal Information Protection Law (PIPL) , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Risk Management

CHINA: Draft Regulation on Certification for Cross-Border Data Transfers Published

On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more

1/14/2025  /  Certification Requirements , China , Data Privacy , Data Protection , Data Security , International Data Transfers , Personal Data , Regulatory Agenda , Regulatory Requirements , Standard Contractual Clauses

Hong Kong: Updates to the Personal Data (Privacy) Ordinance Put on Hold

At the Legislative Council Panel on Constitutional Affairs held on 19 February 2024, the Privacy Commissioner (“Commissioner“) reported that the Office of the Privacy Commissioner for Personal Data was working with the...more

11/11/2024  /  Data Breach , Data Protection , Hong Kong , Legislative Agendas , Personal Data

CHINA: Mandatory Data Protection Compliance (Self) Audits on Their Way

The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more

9/3/2024  /  Audits , China , Compliance , Data Privacy , Data Processors , Data Protection , Data Security , International Data Transfers , Personal Data , Personal Information , Personal Information Protection Law (PIPL) , Regulatory Requirements

Hong Kong: A Practical Guide to the Proposed Critical Infrastructure Cybersecurity Legislation

Hong Kong is following other jurisdictions, including Mainland China, Singapore and the UK, in proposing to enhance cybersecurity obligations on IT systems of those operating critical infrastructure (“CI“). While the proposed...more

8/23/2024  /  Critical Infrastructure Sectors , Cyber Attacks , Cyber Threats , Cybersecurity , Data Protection , Hong Kong , Information Technology , Proposed Legislation
10 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide