Following a December 29, 2025 notice published by the Cyberspace Administration of China, institutions that handle personal information of children in China must report on their handling activities by January 31 each year (starting January 31, 2026); Several recently effective U.S. state comprehensive data privacy laws impact whether/how institutions may engage in targeted advertising to minors; The same U.S. state laws also impact whether/how institutions may “sell” minors’

China’s Ministry of Public Security (“MPS”) penalized Dior Shanghai for breaching personal information protection obligations, following an investigation into a data breach incident. MPS identified the following violations during the investigation: failure to implement a cross-border transfer mechanism; failure to fully inform data subjects about how their personal information would be handled by an overseas recipient; failure to obtain separate consent for cross-border trans

On October 6, 2025, the final provisions of the DOJ Sensitive Data Rule took effect, completing the framework for the DOJ’s Data Security Program.  Institutions engaging in relevant data-sharing activities should move quickly to ensure compliance.    On October 6, 2025, the last provisions of 28 C.F.R. Part 202, “ Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons ” (“DOJ Rule”) took effect, completing the regulatory

On April 25, 2025, TC260 issued the recommended standard Data Security Technology – Security Requirements for Handling of Sensitive...

On July 18, 2025, the CAC issued guidance on reporting the appointment of personal information protection officers. Handlers that reached...

On March 28, 2025, the Cyberspace Administration of China released a draft amendment to the Cybersecurity Law(“Draft Amendment”) for...

The 2025 Government Work Report emphasizes integration of vocational education and general (i.e., non-vocational) education, further...

The CAC and three additional departments jointly announced plans to strengthen PIPL enforcement in 2025 by applying special measures to...

On April 23, 2025, President Trump issued an Executive Order directing the Secretary of Education to step up enforcement of Section 117...

On April 11, 2025, the DOJ National Security Division published new guidance regarding the U.S. Sensitive Personal Data and...

Recently, the CAC released the final Measures for the Administration of Compliance Audits on Personal Information Protection...

On February 19, 2025, China issued the 2025 Action Plan for Stabilizing Foreign Investment, outlining key measures to attract and retain...

On January 8, 2025, the DOJ issued a new final rule to prohibit or restrict transfers of bulk sensitive personal data and certain U.S....

The Approval for the Temporary Adjustment of the Implementation in Beijing of the Provisions of Relevant Administrative Regulations and...

On August 27, the European Union and China launched a new Cross-Border Data Flow Communication Mechanism to address problems regarding...

On August 9, 2024, the Guangzhou Internet Court published an opinion in the first cross-border data transfer case in China. The case ...

On September 24, China’s State Council released finalized Regulations on Network Data Security Management, which took effect on January...

The Beijing Education Commission released the Beijing Guide to AI Application in Education (2024) on October 28, 2024, which encourages...

International student enrollment at U.S. institutions during the 2023/24 academic year increased 7% from the previous academic year,...

China’s Degree Law will take effect on January 1, 2025. The Degree Law divides degrees into academic and professional degrees, sets out...