On April 29, 2022, China’s National Information Security Standardization Technical Committee (commonly referred to as “TC260”) released a draft Technical Guideline on Personal Information Cross-Border Transfer Certifications (Cert Guideline). While the Cert Guideline is still in draft form and thus subject to change, it provides some clarification regarding the certification process for cross-border transfers of
Sherry Xiaoxuan Ding is a Data, Privacy & Cybersecurity associate in Greenberg Traurig’s San Francisco office. Sherry advises clients with creative strategies in addressing cross-border privacy and data security compliance issues under regulatory regimes in EU, U.S., and APAC regions, with a focus on international data transfer. Sherry has designed and implemented privacy governance programs for clients of various sizes against privacy frameworks such as the GDPR, APEC CBPR/PRP Systems, CCPA, the EDAA/IAB Europe OBA Framework, and the China Cybersecurity Law. Sherry’s experience extends to transactional agreements such as data processing agreements, as well as data privacy and information security related provisions in intellectual property (IP) licensing and technology service agreements, in addition to performing privacy impact assessment/DPIA and risk assessments, and monitoring and responding to individual rights requests.
Sherry also has experience with corporate mergers and acquisitions, technology licensing, as well as joint venture related cross broader deals.