While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map their processing of China sensitive personal information, which is increasingly important in light of new cross-border data transfer
Continue Reading China: Important new guidance on defining sensitive personal informationIn the rapid development of artificial intelligence (“AI”), regulators are playing catch up in creating frameworks to aid and regulate its development.
As the AI landscape begins to mature, different jurisdictions have begun to publish guidance and frameworks. Most recently, on 11 June 2024, Hong Kong’s Office of the Privacy Commissioner for Personal Data (“
Continue Reading HONG KONG: Artificial Intelligence – Model Personal Data Protection Framework
Data classification and grading is an obligation that each data handler must comply with under the Chinese data protection laws. Data handlers have been waiting for clear requirements and standards on how to carry out the relevant work. The newly published national standard GB/T 43697-2024 Data Security Technology – Rules for Data Classification and Grading
Continue Reading CHINA: New national data classification and grading standard is released
In good news, on 22 March 2024, the Cyberspace Administration of China (“CAC”) finalised long-awaited guidelines setting out exemptions to some of the more challenging cross-border data transfer (“CBDT”) compliance requirements (“Guidelines”). As well the exemptions, there are updated filing templates for those still falling outside the exemptions; and
Continue Reading CHINA: Cross Border Data Transfer Requirements – exemptions now availableAuthor: Carolyn Bigg, Amanda Ge, Venus Cheung, Gwyneth To
With 2023 having come to an end, the fast-paced changes to the China data protection regime throughout the year are continuing well into Q1 2024.
As well as a near finalisation of the different routes to legitimise cross-border data transfers, the Cyberspace
Continue Reading CHINA: data protection regulations – a lookback at 2023 developments
Since the enactment of Singapore’s Cybersecurity Act (Act) in August 2018, the digital battlefield has transformed dramatically. The nation’s move towards digitalisation has not only spurred the growth of Singapore’s digital economy but also brought new cyber threats and challenges to the fore.
Given this, the Cyber Security Agency of Singapore (CSA
Continue Reading Imminent Changes to Singapore’s Cybersecurity Act: New Obligations on Service Providers
