On May 19, 2022, the Federal Trade Commission (FTC) unanimously approved a policy statement on education technology (EdTech) and the Children’s Online Privacy Protection Act (COPPA). Characterized as part of a larger effort to “crack down on companies that illegally surveil children learning online,” the policy statement itself merely highlights pre-existing obligations under

On February 9, 2022, the US Securities and Exchange Commission (SEC) voted to propose several new rules and amendments to existing rules that would significantly alter the current requirements for investment advisers and funds, with one proposal specifically focused on private funds and the other focused on cybersecurity.

Continue reading.

Virginia has become the second state to enact a comprehensive consumer data privacy statute in the United States. Signed into law by Virginia Governor Ralph Northam on March 2, 2021, the Consumer Data Protection Act (“CDPA”) will take effect on January 1, 2023. While the CDPA shares some key components with the California Consumer Privacy

On 22 January 2021, it was announced that the Association of Southeast Asian Nations (ASEAN) had approved the new Data Management Framework (DMF) and Model Contractual Clauses for Cross Border Data Flows (MCCs).

ASEAN was established in 1967 with the key aim of improving economic growth and social progress, and collaboration and mutual assistance in

On November 3, 2020, a majority of Californians cast “yes” votes for Proposition 24, the ballot initiative enacting the California Privacy Rights Act of 2020 (CPRA). Although the election results have not yet been certified by the California Secretary of State and may not be before December 11, 2020 (the latest date), the CPRA had

The long-awaited enforcement date of July 1, 2020, for the California Consumer Privacy Act (“CCPA”) has finally arrived. The Office of the California Attorney General began enforcing the CCPA that very day, even before its implementing regulations (the “Regulations”) were finalized or approved. The Regulations finally became effective on August 14, 2020, but not before

The long-awaited enforcement date of July 1, 2020 for the California Consumer Privacy Act (“CCPA”) has finally arrived. However, the uncertainty that existed at the beginning of the year with respect to CCPA and its enforcement still exists. While the California Office of the Attorney General (“OAG”) has issued the final version of the implementing

On 24 October 2019, a third round of draft amendments (” Third Draft “) to the “Information Technology Personal Information Security Specification” (National Standard GB/T 35273- 2017) (GB/T 35273-2017) (” Spec ification “) were issued. This Third Draft follows two earlier versions that had been released for public consultation on 1 February 2019 and 25