A subject that receives little attention (academically or in practice) is the intersection of three distinct, yet often overlapping, compliance areas: (1) data privacy; (2) information security; and (3) export compliance. [Read more…]
The U.S. export control regime is vast, complex, and constantly changing. At least sixteen federal agencies are responsible for the enforcement of roughly thirty distinct, yet often overlapping, federal statutes and regulations.
Generally, the goal of this regime is to control the export and re-export of U.S. items for the purposes of: national security; foreign policy; short supply; reduction of nuclear proliferation; limitation of chemical and biological warfare; antiterrorism; crime control; enforcement of economic embargoes; and compliance with U.N. resolutions. [Read more…]
As you all know, a few changes and innovations are imminent in data protection law. The currently valid Federal Data Protection Act (BDSG) (Germany) will be replaced by the basic EU General Data Protection Regulation (GDPR), valid from May 25, 2018. However, this should rather be seen as an opportunity through a timely adjustment, as processes within the company can be harmonized and synergies can be exploited through a data protection law-compliant structure. [Read more…]
Under the EU Data Protection Directive, all transfers of personal data from the European Economic Area (EEA) to the United States are considered prima facie unlawful unless there is an appropriate level of protection for the rights and freedoms of data subjects. [Read more…]
On July 6, 2015, the Standing Committee of the National People’s Congress (NPCSC) of the People’s Republic of China published a draft on Cybersecurity Law. A public comment period on the Cybersecurity Law was open until August 5, 2015.
As shown, the Cybersecurity Law draft has not yet been finalized. Some significant provisions which are part of the draft show the priorities that govern the promotion of cybersecurity in China. [Read more…]