State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
The United States Data Security Program (DSP) represents a significant regulatory undertaking by the US government to control the flow of bulk sensitive data to specific foreign countries, for national security purposes....more
No Safe Harbor: New DOJ Data Export Rule Restricts Deidentified Data Transfer - This article outlines new requirements from the Department of Justice regarding “bulk sensitive data”, including de-identified, anonymized,...more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
On January 8, 2025, the Department of Justice (DOJ) published in the Federal Register a Final Rule, "Preventing Access to U.S. Sensitive Personal Data and Government Related Data by Countries of Concern or Covered Persons,"...more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
Earlier this year, the Biden administration issued Executive Order (EO) 14117, which instructed the Department of Justice (DOJ) to create a framework that would prohibit certain data transactions. ...more
On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
Actions in the last six months of the Brazilian National Data Protection Authority (“ANPD”) suggest that it intends to aggressively enforce the Brazilian Data Protection Law (“LGPD”). The LGPD applies to any entity that...more
The Kingdom of Saudi Arabia (KSA or Kingdom) is a sovereign state located in the Middle East between the Red Sea and the Arabian Gulf (sometimes referred to as the Persian Gulf) and is one of the member states of the Gulf...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
On April 20, 2024, the House of Representatives passed H.R.8038, the 21st Century Peace through Strength Act ("supplemental"), which includes a version of H.R.7520, the Protecting Americans' Data from Foreign Adversaries Act...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
يُعد نظام حماية البيانات الشخصية (النظام) أول نظام شامل لحماية البيانات في المملكة العربية السعودية. من المتوقع أن تبدأ الهيئة السعودية للبيانات والذكاء الاصطناعي (الهيئة) في الإنفاذ الكامل للنظام اعتبارًا من 14 سبتمبر 2024،...more
The PDPL has broad extraterritorial scope and substantial penalties for non-compliance, with full enforcement expected to start in September. The Personal Data Protection Law (PDPL) is the first comprehensive data...more
In a sweeping, coordinated effort across federal agencies, the US government has taken a giant leap forward to prevent access to data that could be exploited to the detriment of national security. On February 28, 2024,...more
The White House announced that President Biden will sign an executive order designed to protect sensitive data of U.S. persons from exploitation by identified countries of concern. This executive order is expected to be...more
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our Top 10 most popular topics from 2023....more
Outbound Data Transfer Security Review Measures - On July 7, 2022, the Cybersecurity Administration of China (“CAC”) issued the Outbound Data Transfer Security Assessment Measures (“Security Assessment Measures”) effective...more
The French Data Protection Authority’s white paper discusses how companies can comply with data privacy and security obligations. The use of card, contactless, and innovative digital payment solutions has significantly...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed. ...more
Q1/ Applicable legislation (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated. ———...more
Foreword - European data protection laws have made significant strides in the last two decades. Privacy and data protection laws have undergone dramatic changes over the last 20 years, in a race to keep up with technology....more