The DOJ Sensitive Data Rule: A Race to Compliance Maturity
On October 6, 2025, the final provisions of the DOJ Sensitive Data Rule took effect, completing the framework for the DOJ’s Data Security Program. Institutions engaging in relevant data-sharing activities should move quickly to ensure compliance. On October 6, 2025, the last provisions of 28 C.F.R. Part 202, “ Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons ” (“DOJ Rule”) took effect, completing the regulatory
Alan Grose, XL Law Consulting
10 hours ago6 min read
China Issues New Requirements for Handling of Sensitive Personal Information
On April 25, 2025, TC260 issued the recommended standard Data Security Technology – Security Requirements for Handling of Sensitive...
Rose Li, XL Law & Consulting
Aug 65 min read
China Releases Guidelines on Reporting the Appointment of Data Protection Officers
On July 18, 2025, the CAC issued guidance on reporting the appointment of personal information protection officers. Handlers that reached...
Rose Li, XL Law & Consulting
Jul 314 min read
China Releases Draft Amendment to Cybersecurity Law
On March 28, 2025, the Cyberspace Administration of China released a draft amendment to the Cybersecurity Law(“Draft Amendment”) for...
Rose Li, XL Law & Consulting
Jun 44 min read
Education Highlights from China’s 2025 Two Sessions
The 2025 Government Work Report emphasizes integration of vocational education and general (i.e., non-vocational) education, further...
Rose Li, XL Law & Consulting
May 263 min read
China Announces Special Measures to Strengthen PIPL Enforcement in 2025
The CAC and three additional departments jointly announced plans to strengthen PIPL enforcement in 2025 by applying special measures to...
Rose Li, XL Law & Consulting
May 124 min read
