Thank You

You are now registered for our Rouse Insights Newsletter

Digital and Data Regulatory Compliance

Delivering risk based proportionate compliance
  • Bespoke service to meet your needs
  • Common issues faced by our clients
  • Our project process
  • Our case studies
Talk to Us




The regulatory landscape is increasingly complex and developing, creating compliance challenges. Risks can be hard to identify. Ensuring proportionate and timely risk mitigation, focused on the most pressing risks can be a tricky path to chart.

Bespoke service to meet your needs

Our service gives you a clear picture of the regulatory environment and how it applies to your business. Alongside that we deliver prioritised risk management strategies.

We provide a clear understanding of how to implementation compliance measures in the short and medium term as well as long term management of the issues. This will protect your business from non-compliance issues.

Common issues faced by our clients

Generally, our clients come to us when there is a new regulatory framework released, for example GDPR or the Personal Information Protection Law. Or when new commercial activity triggers the need to review regulatory compliance.

Our project process

To create a bespoke solution for your business, we take our clients through the following process:

Our case studies

Case study 1

A global children’s games and entertainment company seeking to be compliant with China’s data regulatory framework across multiple entities

Client’s challenge

The client owned multiple different business in China, each with their own operations. Alongside this, they worked with a number of partners in China. All parties needed to be compliant with the complex data regulatory framework in China. This included the need to transfer data between entities and cross-border.

Our approach

Using our project-based approach, we took the client through the following steps:

  • Built understanding: Delivered Personal Information Protection Law (PIPL) training to legal and business teams.
  • Identified the risks: Delivered PIPL Risk Rating and Compliance Action Plan, including analysis of data collection and data flows across entities. Following new cross-border regulations and the client’s updated commercial strategy, we repeated the compliance review and updated the Action Plan.
  • Supported risk mitigation: Created overarching workplan to prioritise actions, workloads and facilitate communication with the wider business. Delivered updated privacy notices.

Impact of our work

The client understood all of the actions required to deliver compliance across their whole operation. They were able to prioritise their efforts based on the risk levels for non-compliance with different regulations. The framework also provided an approach for managing future data risk within business operations.

With the full picture, the Legal teams could get buy-in from the wider business about the importance of undertaking rectification and the investment required.


Case study 2

Digital Strategy Implementation​

Client’s challenge

The digital media regulatory landscape in China is complex and highly regulated. By implementing their global strategy in China, our client was seeking to generate and utilise more online and digital content. However, the highly regulated landscape in China brings a risk of strong and targeted action for non-compliance. Our client approached us to provide support on issues which ranged from decisions to inform successful strategy implementation through to day-to-day compliance. ​

Our approach

As the regulatory landscape for content production and distribution in China is complex and multifaceted, we provided an overview to identify the key risks to strategy delivery and options to overcome them. This also informed partnerships with third parties which were essential for delivery. When developing the content, we advised our client on censorship and marketing regulation, including advertising to and engaging minors in gaming promotions. Data privacy and protection was a key concern but our Digital Channel Risk Assessment and Rectification Plan ensured adherence with the Personal Information Protection Law (China’s equivalent of GDPR).

Impact of our work

With our support, our client was able to effectively implement their strategy whilst avoiding any risks which would damage brand reputation.


Case study 3

Maximising IP protection and data law compliance

Client’s challenge

When selling cutting edge technologies in China, ensuring effective IP protection is key to maintaining competitive advantage. In addition, the unique and complex regulatory landscape means care must be taken to avoid any concealed pitfalls. Therefore, when our client was launching a new Internet of Things (IoT) solution to monitor the performance of its industrial air purification products, they approached us.

Our approach

Our IP protection gap analysis enabled the client to strengthen protection for their core IoT/Software as a Solution (SaaS) technology and source code. Drawing on industry best practice, we recommended enhancements to the business structure and relationships with third parties to create additional control mechanisms for their IP. Data management and cross-border data flows was a specific regulatory concern. To minimise any risks, we undertook a data compliance risk assessment and developed a rectification plan. This included making recommendations on reducing cross-border transfer without impacting business operations, as well as strengthening contractual arrangements with third parties.

Impact of our work

As a result, our client was able to mitigate the IP and regulatory risks and roll out their new product with confidence. 

Our Team

Jin Ling

Principal and Head of Digital & Commercial at Lusheng Law Firm (Rouse's strategic partner)


+86 21 3251 9966

Stina Pilotti

Principal, Sweden Digital & Commercial Head

Stockholm - Rouse

+46 (0)720 087 737

Sunny Su

Principal at Lusheng Law Firm (Rouse’s strategic partner)


+86 10 8632 4000

James Godefroy

Principal, Deputy Enforcement Head


+86 20 8595 5800

Chris Vale

Global Head of Dispute Resolution, Director of Rouse

Hong Kong SAR , Hanoi , Ho Chi Minh City , Phnom Penh

+852 3412 4001

Nick Redfearn

Principal, Global Head of Enforcement


+62 811 870 2616

Holly White

Head of Service Development


+44 20 7536 4185

+46 (0) 70 233 62 62

Latest Digital and Data Regulatory Compliance Insights


Our Guides

This guide seeks to give an overview of the 2022 Indonesian Personal Data Protection Act (PDPA).

26 Oct 2022

Case Studies

IP protection gap analysis strengthened protection of core IoT/Software as a Solution (SaaS) technology and source code.

1 minute read


20 Jun 2022

  • #China
  • #Data Protection
  • #Technology
  • #Internet
  • #Digital