More notably, it widens the PDPD's focus on Vietnamese citizens' data to cover any natural person's info stored in Vietnam before export, regardless of nationality. This shift broadens transborder ...

Heinig shares takeaways from discussions about the Digital Risk Index 2025 at the recent Navigate: A Digital Policy ...

IAPP Cybersecurity Law Center Managing Director Jim Dempsey analyzes several cybersecurity-related enforcement actions taken by the U.S. Department of Health and Human Services, Transportation ...

With new technologies, new types of data and new methods of collection defining of our current reality, privacy cannot merely be an afterthought.

The General Data Protection Regulation regulates cross-border processing of personal data. For many organizations, identifying their lead supervisory authority (LSA), the principal EU regulator ...

If you are one of the thousands of companies that exports data from the EU to the U.S. or to another third country that lacks an adequacy decision using standard contractual clauses, are you permitted ...

On 19 June, the U.K. Information Commissioner's Office published its decision on Snap's My AI. This followed a preliminary enforcement notice issued by the ICO 6 Oct. 2023. The PEN contained ...

The updated resource acts as an index of both the national privacy legislation and relevant DPAs in over 200 countries. The directory's map and list functions allow users to select an individual ...

This article, part of a series covering U.S. data privacy litigation, focuses on breach of contract and warranties.

This resource aims to guide professionals on steps that can be taken in response to a ransomware attack.

This resource overviews cybersecurity law basics, including information on sectors it applies to and the significant laws and regulations that impact it.

Contributors Erica Werneman Root, Nils Müller and Monica Mahay explore the core legal requirements under the EU AI Act and situates AI literacy in the wider AI governance context.