INTRODUCTION - The Protection of Critical Infrastructures (Computer Systems) Bill (the "Bill"), as the first law in Hong Kong to deal with cybersecurity was passed on 19 March 2025, and will come into force on 1 January 2026....more
The Office of the Privacy Commissioner for Personal Data (“PCPD”) released an updated version of the Information Leaflet on Legal Assistance for Civil Claims under the Personal Data (Privacy) Ordinance (“PDPO”) (the “2025...more
INTRODUCTION -
Artificial intelligence ("AI") has rapidly transitioned from experimental use to widespread adoption across Hong Kong. Organisations are now leveraging AI models to enhance customer service, improve risk...more
7/25/2025
/ Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
Data Security ,
Hong Kong ,
Personal Data ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
INTRODUCTION -
Almost eight years after the Cybersecurity Law (“CSL”) came into force in the PRC in 2017, the Cyberspace Administration of China (“CAC”) issued draft amendments to the CSL (“2025 Draft Amendments”) on 28...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
4/28/2025
/ Audits ,
China ,
Data Controller ,
Data Privacy ,
Data Protection ,
Data Security ,
New Regulations ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements ,
Reporting Requirements
The Guangzhou Internet Court (the “Court”) recently issued its first judgment involving the cross-border transfer of personal data under the Personal Information Protection Law (“PIPL”).1 An international hotel group was...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
12/24/2024
/ China ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Extraterritoriality Rules ,
International Data Transfers ,
New Regulations ,
Regulatory Reform ,
Regulatory Requirements
The PRC National Technical Committee 260 on Cybersecurity of SAC (“TC260”) published new Guidelines on Identifying Sensitive Personal Information (“Guidelines”) on 18 September 2024, nearly three months after it released the...more
INTRODUCTION -
On 28 October 2024, the Financial Services and Treasury Bureau ("FSTB") of Hong Kong issued a policy statement on the responsible application of artificial intelligence ("AI") in the financial market...more
Malaysia's Cyber Security Act 2024 ("CSA") came into effect on 26 August 2024, establishing regulatory standards for the nation's cyber defences and marking a significant step forward in resilience against cyber threats. The...more
In early July 2024, the Hong Kong SAR Government released a proposal for the regulation of Critical Infrastructure Operators (CIOs) and Critical Computer Systems (CCS) (Proposed Framework) for consultation. The consultation...more
INTRODUCTION -
In August 2024, the Hong Kong Office of the Privacy Commissioner for Personal Data (“PCPD”) released a revision of the “Code of Practice on the Identity Card Number and other Personal Identifiers: Compliance...more
INTRODUCTION -
The acceleration of the rate of cyber-attacks against companies in Hong Kong in the last year or so (with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of...more
Hong Kong has witnessed a notable surge in cyber breach incidents in recent years. The cyberattacks have affected various organisations across the public, private and non-profit sector. Cybersecurity incidents recorded a...more
INTRODUCTION -
The acceleration of cyber-attacks on companies in Hong Kong in the last year or so (– with over 60 notifications of such attacks being received by the Office of the Privacy Commissioner of Hong Kong in 2023,...more
7/24/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Data Security ,
Hong Kong ,
Personally Identifiable Information ,
Regulatory Agenda
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
INTRODUCTION -
The rapid development of Artificial Intelligence (AI) has generated much excitement over the past two years. Since the public launch of Open AI's ChatGPT on 30 November 2022, generative AI and its...more
The rapid development of artificial intelligence (“AI”), together with the increased number of commercial use cases made possible by generative AI (“Gen AI”), have brought about a wave of new opportunities for businesses...more
China’s stance toward data privacy and cybersecurity has been a matter of interest for the last several years, most prominently with the June 2017 passage of China’s Cybersecurity Law, and the passage of the Data Security Law...more
Over the past few years, China has introduced a range of laws dealing with data privacy and cybersecurity. The most well-known is China's Cybersecurity Law, which came into effect in June 2017. With the recent passing of...more
12/14/2021
/ China ,
Cross-Border Transactions ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
International Data Transfers ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Privacy Laws