State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
It’s well-known that China’s data protection laws define sensitive personal information very differently to other jurisdictions. Instead of a closed list of data types, sensitive personal information in China has...more
The United States Data Security Program (DSP) represents a significant regulatory undertaking by the US government to control the flow of bulk sensitive data to specific foreign countries, for national security purposes....more
On June 18, 2025, the U.S. Food and Drug Administration (“FDA”) announced an immediate review of new clinical trials that export American citizens’ biological materials to countries of concern, such as China, for genetic...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
The State Administration for Market Regulation and the Standardization Administration of China have jointly issued a new national standard applicable to companies conducting business in China, GB/T 45574-2025, Data Security...more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
Life sciences companies have long been outside the scope of US national security regulations and benefited from significant exemptions under US privacy laws. ...more
In the final days of the Biden administration the U.S. Department of Justice (DOJ) issued a sweeping set of regulations which are in effect as of yesterday, April 8, 2025. The regulations focus on cross-border data transfers...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
As global economic and geopolitical environments enter a new era, companies need to continuously develop and adjust their coherent global business strategies to secure and further expand business opportunities in all markets...more
On October 29, 2024, the U.S. Department of Justice (DOJ) published a proposed rule (Proposed Rule) that would restrict or prohibit certain transactions with China, Russia and other countries of concern involving U.S....more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
In Part 2 of this series, we discussed how the Personal Information Protection Law (“PIPL”), the centerpiece of China’s personal information (“PI”) protection law, needs to be read in conjunction with other relevant laws,...more