Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Compliance with the New EU-US Data Privacy Framework
Life With GDPR - Data Transfer Update
Anonymization and AI: Critical Technologies for Moving eDiscovery Data Across Borders
Digital Trade: Key Trends and Developments to Watch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
I Wish I Knew What I Know Now: Conversations with AGG on FDA Issues - Data Privacy Issues Life Sciences Companies May Encounter
In-house Roundhouse: Antitrust and the Tech Industry
Cross-Border Data Transfers and the EU-US Data Privacy Tug of War
Privacy Talk | The New Swiss Data Protection Act
Compliance Perspectives: The Privacy and Data Security Track at the 2020 Compliance & Ethics Institute
Update on Global Data Privacy Regulations by John Jackson
Nota Bene Episode 93: Navigating the New Global Cybersecurity Compliance Landscape with Scott Giordano
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
IAPP Global Privacy Summit Recap, Big Questions, and Indiana Jones Analogies
The U.S. Department of Justice (DOJ) is set to enforce its sweeping new rule on certain U.S. data transactions with countries of concern and covered persons as of July 9, 2025. The new rule regarding “Preventing Access to...more
The Department of Justice’s (DOJ) 90-day grace period for compliance with the Data Security Program (DSP) ends on July 8, 2025, and enforcement is expected to begin. This regulatory regime was created for national security...more
China’s primary data regulator, the Cyberspace Administration of China (CAC), released two sets of Q&As with respect to exporting data from China, one in April and one in May. The questions were selected from those raised...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
Six months after the release of the draft Provisions on Regulating and Facilitating Cross-Border Data Flow, the Cyberspace Administration of China (CAC) officially released the long-awaited finalized Provisions on...more
Companies that collect or process personal data in Brazil — or from consumers in the country — should be familiar with the Brazilian General Data Protection Law, which has been the country’s main legislation on the matter...more
Sharing personal data across borders is critical for organizations operating and doing business internationally. Doing so in compliance with data security and privacy laws, however, can be a complex and challenging exercise...more
The Cyberspace Administration of China (“CAC”) on September 28, 2023 issued the draft Provisions on the Regulation and Promotion of Cross-Border Data Flows (“draft Provisions”), just one year after China’s data export...more
On September 28, 2023, the Cyberspace Administration of China (CAC) released draft Provisions on Regulating and Promoting Cross-Border Data Flows (see the Chinese version and the unofficial English translation) for public...more
U.S.-based multinationals with employees in the People’s Republic of China (PRC) are confronting a November 30 deadline to implement China’s new cross-border data transfer mechanism—the Standard Contract. This implementation...more
The Cyberspace Administration of China (“CAC”) on August 3, 2023 published the draft Administrative Measures for Personal Information Protection Compliance Audits (“draft Measures”) for public comment through September 2,...more
On July 10, 2023, the European Commission formally approved the EU-U.S. Data Privacy Framework (“DPF"). You can view our brief video discussion about the DPF or read our initial update. Companies that maintained their...more
The need for privacy and cybersecurity compliance measures has become a paramount consideration as businesses become more digitally driven, data breaches become more publicized, and regulation continues to increase. Morgan...more
On February 24, 2023, the Cyberspace Administration of China (CAC) released the much-awaited Measures for the Standard Contract for Outbound Transfer of Personal Information (China SCC Measures) together with the issuance of...more
Africa is continuing to strengthen its data protection legal and regulatory framework. To date, thirty six out of fifty four African countries have data protection laws and/or regulations. Sixteen countries have signed the...more
The Cybersecurity Administration of China (the "CAC") has published guidelines concerning outbound data transfers of personal information and "important data" from China to other jurisdictions. Businesses must comply with...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
President Biden recently signed the Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities and supporting regulations (collectively, the “Executive Order”), enhancing privacy and civil...more
The Swiss government has drafted a proposed list of countries that are approved to receive personal data transfers out of Switzerland. Japan and South Korea are excluded from the current and proposed lists, requiring...more
In order to regulate cross-border data transfers in accordance with the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law, the Cyberspace Administration of China (CAC) released the Measures...more
The Chinese regulatory authorities have published several new regulations and proposals in the past two months seeking to clarify the requirements of the Chinese Personal Information Protection Law (the PIPL) that came into...more
In our second installment of what privacy professionals should know before they start the summer, we provide you with highlights from the draft regulations from the California Privacy Protection Agency (“CPPA”) and...more
Multinational companies often encounter questions regarding if and when they can transfer personal information across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new...more
Over the past ten years, African countries have steadily passed laws and adopted regulations on cybersecurity, cybercrime, electronic transactions and data protection. To date, 33 countries have data protection laws and/or...more
Under the EU General Data Protection Regulation (EU GDPR) and the UK Data Protection Act 2018 (UK GDPR) (together the GDPR), even if an organisation is not established in the European Economic Area (EEA) or United Kingdom it...more