• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

E. Pernot-Leplay, PhD

Digital Sovereignty & Data Protection Law

  • China
  • Europe
  • U.S.
  • | About |
  • | Contact |

PIPL, Data Transfer in China & Data Localization

By Emmanuel Pernot-Leplay. Updated on 21 January 2023

CHina data transfer PIPL

With China’s PIPL (Personal Information Protection Law), restrictions on cross-border data transfers have been tightened. They remain authorized but are very supervised, with some stricter data localization rules. There are three main mechanisms to export data: security assessment, certification and standard contractual clauses.

[Read more…] about PIPL, Data Transfer in China & Data Localization

Filed Under: China Tagged With: China, Data Transfer

China’s Personal Information Protection Law (PIPL): Comparison with the EU and U.S. Approaches

By Emmanuel Pernot-Leplay. Updated on 22 November 2022

China data privacy law is often mentioned in discussions on state surveillance and the legitimate concerns it raises. But the obligations weighing on private actors, like those under GDPR in Europe, are much more detailed. This post focuses on their evolution until 2023, culminating with the Personal Information Protection Law (PIPL) and its guidelines, and the comparison with data privacy rules in the U.S. and the EU.

[This article is being updated] This post summarizes my law review article “China’s Approach on Data Privacy Law: A Third Way Between the U.S. and the EU?” published in the Penn State Journal of Law and International Affairs, vol. 8.1, augmented with the most recent changes. It comprehensively details the results of a research that is part of my Ph.D at Shanghai Jiao Tong University. The present blog post only aims at “briefly” presenting the main findings in a more casual fashion.

[Read more…] about China’s Personal Information Protection Law (PIPL): Comparison with the EU and U.S. Approaches

Filed Under: China, Legal Tagged With: China, Cybersecurity, Privacy

All Data Protection Laws in China (2023 List)

By Emmanuel Pernot-Leplay. Updated on 11 November 2022

china data protection laws

In this post, I try to keep track of all data privacy laws in China available in English. If no full translation is available, I do my best to link to some relevant comments published by observers. I find it convenient to have all of them gathered in one place, and I hope it can be helpful to you as well.

[Read more…] about All Data Protection Laws in China (2023 List)

Filed Under: China, Legal Tagged With: China

U.S. Data Privacy Laws: CCPA, HIPAA, COPPA… and soon a Federal Data Protection Act?

By Emmanuel Pernot-Leplay. Updated on 6 April 2020

USA data privacy

The U.S. data protection law landscape is moving fast since the GDPR arrived in the EU. This happens mostly at the state level so far, the CCPA being the best known of these new laws. The U.S. doesn’t yet have a nation-wide federal data privacy law, and relies on several sectoral laws. But this day will come, as the need to unify a patchwork of U.S. data privacy laws grows.

[Read more…] about U.S. Data Privacy Laws: CCPA, HIPAA, COPPA… and soon a Federal Data Protection Act?

Filed Under: Legal, U.S. Tagged With: Comparison, Data Privacy, USA

We Should Weaponize Personal Data to Fight Covid-19, with Privacy in Mind

By Emmanuel Pernot-Leplay. Updated on 30 March 2020

covid-19

OPINION. In its fight against Covid-19, China makes intensive use of the personal data of its people, while the EU doesn’t – yet. Big data analytics “for the common good”, including large-scale monitoring of population movements and identification of potential cases is a significant innovation in the management of this epidemic. This should be done, but with privacy in mind.

[Read more…] about We Should Weaponize Personal Data to Fight Covid-19, with Privacy in Mind

Filed Under: Europe, Legal Tagged With: China, European Union

Schrems vs. Facebook: will the EU Standard Contractual Clauses survive?

By Emmanuel Pernot-Leplay. Updated on 21 October 2017

Will the EU Standard Contractual Clauses survive the new battle between Facebook and Maximilian Schrems? On October 3, 2017, the Irish High Court issued a decision requesting the CJEU to evaluate the validity of the EU Standard Contractual Clauses (SCCs). These clauses are used to export personal data collected in the European Economic Area (EEA) to a third country.

By this decision, the High Court acknowledges that there are “well-founded grounds for believing that [the EU Standard Contractual Clauses] are invalid,” and that it is therefore necessary to refer them to the CJEU to ensure uniform  data protection in the EU (see paragraph 338 of the judgment).

[Read more…] about Schrems vs. Facebook: will the EU Standard Contractual Clauses survive?

Filed Under: Europe, Legal Tagged With: Data Transfer, European Union, GDPR, Privacy Shield, Standard Contractual Clauses

Primary Sidebar

About

Researcher at Tilburg University (Netherlands).
Ph.D. in Comparative Law, specialised in Data Protection (Shanghai Jiao Tong University). About & Publications

Follow @PernotLeplay

  • Email
  • LinkedIn
  • RSS
  • Twitter

Derniers Articles

CHina data transfer PIPL

PIPL, Data Transfer in China & Data Localization

China’s Personal Information Protection Law (PIPL): Comparison with the EU and U.S. Approaches

china data protection laws

All Data Protection Laws in China (2023 List)

USA data privacy

U.S. Data Privacy Laws: CCPA, HIPAA, COPPA… and soon a Federal Data Protection Act?

covid-19

We Should Weaponize Personal Data to Fight Covid-19, with Privacy in Mind

Schrems vs. Facebook: will the EU Standard Contractual Clauses survive?