Zhenyu Ruan, Author at Connect On Tech

In Cybersecurity

Celebrating Data Privacy Day 2024

January 29, 2024 by Anne-Marie Allgrove, Anne Petterd, Adrian Lawrence, Toby Patten, Caitlin Whale, Liz Grimwood-Taylor, Zhenyu Ruan, Michael Wang, Marcia Lee, Dominic Edmondson, Jennifer Lau, Daniel Pardede, Adhika Wiyoso, Wiku Anindito, Bimo Harimahesa, Kensaku Takase, Daisuke Tatsuno, Andre Gan, Trishelea Sandosam, Bienvenido A. Marquez III, Divina Ilas-Panganiban, Ken Chia, Victoria Wong, H. Henry Chang, Louis Hsieh, Pattaraphan Paiboon, Kritiyanee Buranatrevedhya, Manh Hung Tran, Huyen Minh Nguyen, Huu Tuan Nguyen, Maher Ghalloussi, Dr Lukas Feiler, Beat Koenig, Alexander Hofmann, Elisabeth Dehareng, Caroline Serbanescu, Milena Hoffmanová, Lenka Bešťáková, Dusan Hlavaty, Magalie Dansac Le Clerc, Prof. Dr. Michael Schmidl, Matthias Scholz, Michaela Nebel, Florian Tannen, Simone (Bach) Rieken LL.M., Ines K. Radmilovic, Dr. Csaba Vári, Francesca Gaudino, Annie Elfassi, Kyllian Talbourdet, Remke Scheepstra, Nathalja Doing, Radoslaw Nozykowski, Marcin Fialka, Martyna Czapska, Jakub Falkowski, Janet McKenzie, Fatima Ismail, Patricia Pérez, Pablo Uslé, Peder Oxhammar, Margarita Kozlov, William Höglund, Alessandro Celli, Johanna Moesch (Mösch), Can Sozer, Ecem Elver, Oleksiy Stolyarenko, Dmytro Skydan, Khrystyna Oleniuk, Vinod Bange, Benjamin Slinn, Robbie Downing, Ian Walden, Tamara Mackay-Temesy, Guillermo José Cervio, Roberto Grane, Martin Roth, Valentina Biondi Grane, Catalina Benatena, Flavia Rebello, Ludmila Lago, Theo Ling, Conrad Flaczyk, Nadia Rauf, Diego Ferrada, Carolina Pardo, Carlos Arboleda, Carlos Vela-Trevino, Daniel Villanueva-Plasencia, Paulina Bojalil, Teresa Tovar, Brian Hengesbaugh, Cynthia Cole, Lothar Determann, Justine Phillips, Rachel Ehlers, Helena Engfeldt, Jonathan Tam, Cristina Messerschmidt, Maria Eugenia Salazar-Furiati and Hector Martinez 2 Mins Read

28 January 2024 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. Data Privacy Day encourages the global community to think about the importance of respecting privacy, safeguarding data, and enabling trust. In an increasingly connected and digitized world, where data protection, privacy and cybersecurity regulation are rapidly evolving, the work of the global data community is more vital, and more challenging,…

In Cybersecurity

China’s Detailed Cybersecurity Reporting and Disclosure Rules

January 18, 2024 by Rachel Ehlers, Brian Hengesbaugh and Zhenyu Ruan 3 Mins Read

On January 7, 2024, China’s Cyberspace Administration (“CAC”) closed the public consultation period for its new cybersecurity incident reporting rules, which were released in December. If the draft rules are adopted as written, companies would be required to report certain cybersecurity incidents to the relevant Chinese regulator within one hour. The relevant regulator depends on the nature of the IT system compromised, the industry, and other factors and may be the local CAC, the public…

In Data Privacy

China Proposes Ease of Cross-Border Transfer Rules as November 30 Deadline Looms

October 9, 2023 by Rachel Ehlers, Brian Hengesbaugh and Zhenyu Ruan 5 Mins Read

In Brief On September 29, 2023, China’s primary data protection regulator, the Cyberspace Administration of China (“CAC”), proposed new rules for cross-border data transfers from China (the “Draft Rules”). If implemented as written, the Draft Rules, which are currently subject to public comment through mid-October, will significantly roll back requirements for many US and multinational organizations. There is no specific deadline for adoption, but it is expected prior to November 30, 2023, which is the…

In Cybersecurity

The Countdown is On: Less than Three Months until China’s Standard Contractual Clauses Come Due

September 12, 2023 by Rachel Ehlers, Brian Hengesbaugh and Zhenyu Ruan 4 Mins Read

In recent years, China has adopted a series of complex regulations around cybersecurity and privacy. In 2022, it issued rules for cross-border transfers of data, and its version of Standard Contractual Clauses (“China SCCs”) in February 2023. The China SCCs became effective in June, but there was a six month grace period for filing, until November 30, 2023. Any company that has a presence in China or processes or transfers Chinese resident data outside of…

In Data Privacy

China Standard Contractual Clauses: June 1 Adoption Deadline is Approaching

May 1, 2023 by Zhenyu Ruan, Brian Hengesbaugh, Rachel Ehlers, Manisha Reddy, Adam Aft, Cynthia Cole, Nick Merker, Stephen Reynolds and Harry Valetk 2 Mins Read

In brief Companies that export personal data out of China have roughly one month to adopt China’s Standard Contractual Clauses (“SCCs”) to comply with the Cyberspace Administration of China’s (“CAC”) deadline of June 1, 2023. As outlined in previous client alerts, the SCCs are one of three mechanisms in place for cross-border data transfers from mainland China to other jurisdictions. Many multinationals will be impacted by these requirements because Chinese employment data, which is…

In Data Privacy

China proposes significant reorganization of data protection regulatory structure

March 13, 2023 by Brian Hengesbaugh, Cristina Messerschmidt, Rachel Ehlers and Zhenyu Ruan 2 Mins Read

In Brief On March 7, 2023, China’s State Council unveiled plans to consolidate the country’s data protection functions into a single National Data Bureau to address the inconsistencies around the administration of China’s data and security laws. Background The privacy and security legal landscape in China has quickly evolved in recent years. The Cybersecurity Law (CSL) was adopted in 2017, and modified in 2022. The Personal Information Protection Law (PIPL) and the Data Security Law…

In Data Privacy

China Issues Standard Contractual Clauses, effective June 1

March 2, 2023 by Zhenyu Ruan, Brian Hengesbaugh, Rachel Ehlers, Cristina Messerschmidt, Brittney Justice, Xi Chen, Michael Wang and Avi Toltzis 5 Mins Read

In Brief On February 24, 2023, the Cyberspace Administration of China (CAC) released the final version of the Standard Contractual Clauses (SCCs) and SCC Measures for the cross-border transfer of personal data under the Personal Information Protection Law (PIPL). The SCCs provide a mechanism for businesses to transfer personal information from mainland China to other jurisdictions. China’s SCCs closely mirror the EU’s SCCs, which were updated in 2021, but feature several important distinctions described in…

In Data Privacy

Asia Pacific: Deciphering Data Webinar Series – Key Takeaways

May 20, 2022 by Manh Hung Tran, Zhenyu Ruan, Dominic Edmondson, Kensaku Takase, Alex Toh, Florian Tannen, Paolo Sbuttoni, Sonia Ong, Jo-Fan Yu, Toby Patten, Simone Blackadder and Divina Ilas-Panganiban 9 Mins Read

In March 2022, Baker McKenzie’s Data Privacy & Security Team across offices presented the Asia Pacific edition of Deciphering Data, the Firm’s webinar series that aims to help companies and organizations decode complex developments in data privacy and cybersecurity. Our diverse team of cross-border experts offered their expertise and insight in this webinar series to help you understand the legal lay of the land and prepare for the future of privacy in Asia Pacific and…

In Data Privacy

Data Protection Day – Key developments and looking ahead to 2022

January 27, 2022 by Benjamin Slinn, Dr Michaela Nebel, Florian Tannen, Prof. Dr. Michael Schmidl, Magalie Dansac Le Clerc, Hugo Roy, Dr Lukas Feiler, Beat Koenig, Elisabeth Dehareng, Francesca Gaudino, Radoslaw Nozykowski, Nathalja Doing, Dr. Csaba Vári, Ilay Yilmaz, Can Sozer, Yigit Acar, Anne-Marie Allgrove, Liz Grimwood-Taylor, Dhiraphol Suwanprateep, Manh Hung Tran, Ken Chia, Alex Toh, Jacqueline Wong, Paolo Sbuttoni, Zhenyu Ruan, Kensaku Takase, Daisuke Tatsuno, Kellie Blyth, Arjun Patel, Theo Ling, Conrad Flaczyk, Nadia Rauf, Cristina Messerschmidt, Brian Hengesbaugh, Stephen Reynolds, Nick Merker, Harry Valetk, Michael Egan, Gary Hunt, Dominic Panakal, Alex Crowley, Justin Burgess, Daniel Villanueva-Plasencia, Carlos Vela-Trevino, Flavia Rebello, Suha Alwan and Nadine Bosshard 66 Mins Read

Friday 28 January 2022 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. To mark Data Protection Day 2022, our Global Data Privacy and Security Team have provided a roundup of key trends and developments across the globe from a data protection perspective as well as looking ahead to what to expect in 2022. There are new laws and developments to keep…

In Data Privacy

China Established a Comprehensive Personal Information Protection Regime

August 27, 2021 by Zhenyu Ruan and Tingting Gao 26 Mins Read

Executive Summary On 20 August 2021, the Standing Committee of the National People’s Congress passed the Personal Information Protection Law of the PRC (“PIPL”), after deliberating two draft versions and seeking for public comment in a ten month’s span. The passage of the PIPL signifies that China is stepping into a more robust and comprehensive personal information protection regime by establishing a unified, generally-applicable legislation, as EU does with the aid of the General Data…