Insights

Insights


Latest News

    Trending Topics

      Futures

      Products


      Brand Protection

      IP Intelligence

      Litigation Analysis

      Case Management

      Nunc Orci


      Products Case Studies

      People

      Careers

      About

      Announcements

      • About Us
      • The Rouse Network
      • The Rouse Difference
      • Rouse Connect

      Grass Roots

      • Climate Change
      • Mitrataa
      • Rouse Cares

      ClientWEB

      Thank You

      Your are now register subscriber for our Rouse

      Digital and Data Regulatory Compliance

      Business compliance and internal control systems
      • About
      • About
      • Common issues faced by our clients
      Talk to us

       

       

      The regulatory landscape is increasingly complex and developing, creating compliance challenges. Risks can be hard to identify. Ensuring proportionate and timely risk mitigation, focused on the most pressing risks can be a tricky path to chart.

      Bespoke service to meet your needs

      Our service gives you a clear picture of the regulatory environment and how it applies to your business. Alongside that we deliver prioritised risk management strategies.

      We provide a clear understanding of how to implementation compliance measures in the short and medium term as well as long term management of the issues. This will protect your business from non-compliance issues.

      Generally, our clients come to us when there is a new regulatory framework released, for example, GDPR or the Personal Information Protection Law. Or when new commercial activity triggers the need to review regulatory compliance.

      Our project process

      To create a bespoke solution for your business, we take our clients through the following process:

      Our case studies

      Case study 1

      A global children’s games and entertainment company seeking to be compliant with China’s data regulatory framework across multiple entities

      Client’s challenge

      The client owned multiple different business in China, each with their own operations. Alongside this, they worked with a number of partners in China. All parties needed to be compliant with the complex data regulatory framework in China. This included the need to transfer data between entities and cross-border.

      Our approach

      Using our project-based approach, we took the client through the following steps:

      • Built understanding: Delivered Personal Information Protection Law (PIPL) training to legal and business teams.
      • Identified the risks: Delivered PIPL Risk Rating and Compliance Action Plan, including analysis of data collection and data flows across entities. Following new cross-border regulations and the client’s updated commercial strategy, we repeated the compliance review and updated the Action Plan.
      • Supported risk mitigation: Created overarching workplan to prioritise actions, workloads and facilitate communication with the wider business. Delivered updated privacy notices.

      Impact of our work

      The client understood all of the actions required to deliver compliance across their whole operation. They were able to prioritise their efforts based on the risk levels for non-compliance with different regulations. The framework also provided an approach for managing future data risk within business operations.

      With the full picture, the Legal teams could get buy-in from the wider business about the importance of undertaking rectification and the investment required.

       

      Case study 2

      Digital Strategy Implementation​

      Client’s challenge

      The digital media regulatory landscape in China is complex and highly regulated. By implementing their global strategy in China, our client was seeking to generate and utilise more online and digital content. However, the highly regulated landscape in China brings a risk of strong and targeted action for non-compliance. Our client approached us to provide support on issues which ranged from decisions to inform successful strategy implementation through to day-to-day compliance. ​

      Our approach

      As the regulatory landscape for content production and distribution in China is complex and multifaceted, we provided an overview to identify the key risks to strategy delivery and options to overcome them. This also informed partnerships with third parties which were essential for delivery. When developing the content, we advised our client on censorship and marketing regulation, including advertising to and engaging minors in gaming promotions. Data privacy and protection was a key concern but our Digital Channel Risk Assessment and Rectification Plan ensured adherence with the Personal Information Protection Law (China’s equivalent of GDPR).

      Impact of our work

      With our support, our client was able to effectively implement their strategy whilst avoiding any risks which would damage brand reputation.

       

      Case study 3

      Maximising IP protection and data law compliance

      Client’s challenge

      When selling cutting edge technologies in China, ensuring effective IP protection is key to maintaining competitive advantage. In addition, the unique and complex regulatory landscape means care must be taken to avoid any concealed pitfalls. Therefore, when our client was launching a new Internet of Things (IoT) solution to monitor the performance of its industrial air purification products, they approached us.

      Our approach

      Our IP protection gap analysis enabled the client to strengthen protection for their core IoT/Software as a Solution (SaaS) technology and source code. Drawing on industry best practice, we recommended enhancements to the business structure and relationships with third parties to create additional control mechanisms for their IP. Data management and cross-border data flows was a specific regulatory concern. To minimise any risks, we undertook a data compliance risk assessment and developed a rectification plan. This included making recommendations on reducing cross-border transfer without impacting business operations, as well as strengthening contractual arrangements with third parties.

      Impact of our work

      As a result, our client was able to mitigate the IP and regulatory risks and roll out their new product with confidence. 

      Our Team

      Jin Ling

      Principal, Director of Commercial Law Practice

      Shanghai

      +86 21 3251 9966

      Stina Pilotti

      Senior Associate

      Stockholm

      +46 (0)723 994 247

      Sunny Su

      Senior Associate

      Beijing

      +86 10 86324100

      Evi Triana

      Senior Associate

      Jakarta

      +62 21 769 7333

      Fabrice Mattei

      Principal, Climate Change & IP Group Head and Myanmar Country Manager

      Yangon

      +66 2 653 2730

      +62 21 769 7333

      Peeraya Thammasujarit

      Deputy Country Manager and Head of Dispute Resolution Team

      Bangkok

      +66 2 653 2730

      Samantha Grainger

      Principal & Legal Consultant, Dubai Head of Trade Marks

      Dubai

      +971 4 309 8000

      Yen Vu

      Principal, Vietnam Country Manager Rouse Legal Vietnam

      Ho Chi Minh City , Hanoi , Phnom Penh

      +84 28 3823 6770

      Holly White

      Senior Consultant, Rouse Consultancy

      London

      +44 20 7536 4185

      My Mattsson

      Senior Associate

      Stockholm

      +46 (0)72 33 62 62

      Latest Digital and Data Regulatory Compliance Insights

      More
      New law will enter into force in December 2024

      2 minute read

      Jennifer Rönnerhed

      READ MORE

      21 Nov 2024

      Multimillion euro fines issued to Meta and LinkedIn

      1 minute read

      Frida Holmér

      READ MORE

      13 Nov 2024

      The draft PDPL aims to provide a unified framework for the protection of personal data in Vietnam based on 4 policies.

      2 minute read

      Huy Nguyen

      READ MORE

      30 Sep 2024