As the digital economy continues to thrive and remote work becomes increasingly mainstream, an “offshore model” of business operation has emerged. Under this model, companies may provide services to users in a given...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Multinational companies often encounter questions regarding if and when they can transfer personal information across borders. The People’s Republic of China’s Personal Information Protection Law (PIPL) adds new...more
In light of the “changed security policy situation” following Russia’s invasion of Ukraine, the Norwegian data protection regulator recently encouraged any company that exports personal data to Russia and Ukraine to review...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
As drafted the new measures specify security assessment and contract requirements but leave ample room for Chinese authorities to heavily restrict cross-border data transfers. At the end of October, China’s top privacy...more
On August 20, 2021, the People’s Republic of China (PRC) passed a sweeping data protection law, the Personal Information Protection Law (PIPL), set to take effect on November 1, 2021. Although the PIPL appears to borrow...more
The Personal Information Protection Law, or PIPL, imposes stringent obligations of a similar standard to the GDPR and will take effect on November 1, 2021. Key Points: ..Extraterritorial effect: PIPL applies to those who...more