Thank You

You are now registered for our Rouse Insights Newsletter

Digital and Data Regulatory Compliance

Delivering risk based proportionate compliance
  • Bespoke service to meet your needs
  • Common issues faced by our clients
  • Our project process
  • Our case studies
Talk to Us

 

 

 

The regulatory landscape is increasingly complex and developing, creating compliance challenges. Risks can be hard to identify. Ensuring proportionate and timely risk mitigation, focused on the most pressing risks can be a tricky path to chart.

Bespoke service to meet your needs

Our service gives you a clear picture of the regulatory environment and how it applies to your business. Alongside that we deliver prioritised risk management strategies.

We provide a clear understanding of how to implementation compliance measures in the short and medium term as well as long term management of the issues. This will protect your business from non-compliance issues.

Common issues faced by our clients

Generally, our clients come to us when there is a new regulatory framework released, for example GDPR or the Personal Information Protection Law. Or when new commercial activity triggers the need to review regulatory compliance.

Our project process

To create a bespoke solution for your business, we take our clients through the following process:

Our case studies

Case study 1

A global children’s games and entertainment company seeking to be compliant with China’s data regulatory framework across multiple entities

Client’s challenge

The client owned multiple different business in China, each with their own operations. Alongside this, they worked with a number of partners in China. All parties needed to be compliant with the complex data regulatory framework in China. This included the need to transfer data between entities and cross-border.

Our approach

Using our project-based approach, we took the client through the following steps:

  • Built understanding: Delivered Personal Information Protection Law (PIPL) training to legal and business teams.
  • Identified the risks: Delivered PIPL Risk Rating and Compliance Action Plan, including analysis of data collection and data flows across entities. Following new cross-border regulations and the client’s updated commercial strategy, we repeated the compliance review and updated the Action Plan.
  • Supported risk mitigation: Created overarching workplan to prioritise actions, workloads and facilitate communication with the wider business. Delivered updated privacy notices.

Impact of our work

The client understood all of the actions required to deliver compliance across their whole operation. They were able to prioritise their efforts based on the risk levels for non-compliance with different regulations. The framework also provided an approach for managing future data risk within business operations.

With the full picture, the Legal teams could get buy-in from the wider business about the importance of undertaking rectification and the investment required.

 

Case study 2

Digital Strategy Implementation​

Client’s challenge

The digital media regulatory landscape in China is complex and highly regulated. By implementing their global strategy in China, our client was seeking to generate and utilise more online and digital content. However, the highly regulated landscape in China brings a risk of strong and targeted action for non-compliance. Our client approached us to provide support on issues which ranged from decisions to inform successful strategy implementation through to day-to-day compliance. ​

Our approach

As the regulatory landscape for content production and distribution in China is complex and multifaceted, we provided an overview to identify the key risks to strategy delivery and options to overcome them. This also informed partnerships with third parties which were essential for delivery. When developing the content, we advised our client on censorship and marketing regulation, including advertising to and engaging minors in gaming promotions. Data privacy and protection was a key concern but our Digital Channel Risk Assessment and Rectification Plan ensured adherence with the Personal Information Protection Law (China’s equivalent of GDPR).

Impact of our work

With our support, our client was able to effectively implement their strategy whilst avoiding any risks which would damage brand reputation.

 

Case study 3

Maximising IP protection and data law compliance

Client’s challenge

When selling cutting edge technologies in China, ensuring effective IP protection is key to maintaining competitive advantage. In addition, the unique and complex regulatory landscape means care must be taken to avoid any concealed pitfalls. Therefore, when our client was launching a new Internet of Things (IoT) solution to monitor the performance of its industrial air purification products, they approached us.

Our approach

Our IP protection gap analysis enabled the client to strengthen protection for their core IoT/Software as a Solution (SaaS) technology and source code. Drawing on industry best practice, we recommended enhancements to the business structure and relationships with third parties to create additional control mechanisms for their IP. Data management and cross-border data flows was a specific regulatory concern. To minimise any risks, we undertook a data compliance risk assessment and developed a rectification plan. This included making recommendations on reducing cross-border transfer without impacting business operations, as well as strengthening contractual arrangements with third parties.

Impact of our work

As a result, our client was able to mitigate the IP and regulatory risks and roll out their new product with confidence. 

Our Team

Jin Ling

Principal and Head of Digital & Commercial at Lusheng Law Firm (Rouse's strategic partner)

Shanghai

+86 21 3251 9966

Stina Pilotti

Principal, Sweden Digital & Commercial Head

Stockholm - Rouse

+46 (0)720 087 737

Sunny Su

Principal at Lusheng Law Firm (Rouse’s strategic partner)

Beijing

+86 10 8632 4000

James Godefroy

Principal, Deputy Enforcement Head

Guangzhou

+86 20 8595 5800

Chris Vale

Asia Regional Director & Global Head of Litigation

Hong Kong SAR , Hanoi , Ho Chi Minh City , Phnom Penh

+852 3412 4001

Nick Redfearn

Principal, Global Head of Enforcement

Jakarta

+62 811 870 2616

Holly White

Senior Commercial Lead

London

+44 20 7536 4185

+46 (0) 70 233 62 62

Maura Canavan

Principal, South Africa Country Manager, Africa Head of Trade Marks & Brands

South Africa

+27 764 926 828

Latest Digital and Data Regulatory Compliance Insights

More
New law will enter into force in December 2024

2 minute read

Jennifer Rönnerhed

READ MORE

21 Nov 2024

Multimillion euro fines issued to Meta and LinkedIn

1 minute read

Frida Holmér (née Siverall)

READ MORE

13 Nov 2024

The draft PDPL aims to provide a unified framework for the protection of personal data in Vietnam based on 4 policies.

2 minute read

Huy Nguyen

READ MORE

30 Sep 2024



Our Guides

This guide seeks to give an overview of the 2022 Indonesian Personal Data Protection Act (PDPA).
READ MORE

26 Oct 2022

Case Studies

IP protection gap analysis strengthened protection of core IoT/Software as a Solution (SaaS) technology and source code.

1 minute read

READ MORE

20 Jun 2022

  • #China
  • #Data Protection
  • #Technology
  • #Internet
  • #Digital