The DOJ Sensitive Data Rule: A Race to Compliance Maturity
On October 6, 2025, the final provisions of the DOJ Sensitive Data Rule took effect, completing the framework for the DOJ’s Data Security Program. Institutions engaging in relevant data-sharing activities should move quickly to ensure compliance. On October 6, 2025, the last provisions of 28 C.F.R. Part 202, “ Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons ” (“DOJ Rule”) took effect, completing the regulatory
Alan Grose, XL Law Consulting
11 minutes ago6 min read
China Issues New Requirements for Handling of Sensitive Personal Information
On April 25, 2025, TC260 issued the recommended standard Data Security Technology – Security Requirements for Handling of Sensitive...
Rose Li, XL Law & Consulting
Aug 65 min read
China Releases Guidelines on Reporting the Appointment of Data Protection Officers
On July 18, 2025, the CAC issued guidance on reporting the appointment of personal information protection officers. Handlers that reached...
Rose Li, XL Law & Consulting
Jul 314 min read
China Releases Draft Amendment to Cybersecurity Law
On March 28, 2025, the Cyberspace Administration of China released a draft amendment to the Cybersecurity Law(“Draft Amendment”) for...
Rose Li, XL Law & Consulting
Jun 44 min read
Education Highlights from China’s 2025 Two Sessions
The 2025 Government Work Report emphasizes integration of vocational education and general (i.e., non-vocational) education, further...
Rose Li, XL Law & Consulting
May 263 min read
State Privacy Enforcement Officials Argue for Strong State Role in Federal Privacy Law
• In a letter to a congressional Privacy Working Group, officials from California and New Jersey argued against preemptive federal...
Alan Grose, XL Law Consulting
May 192 min read
