Thank You

You are now registered for our Rouse Insights Newsletter

Digital and Data Regulatory Compliance

Business compliance and internal control systems
  • About
  • About
Talk to Us

 

 

The regulatory landscape is increasingly complex and developing, creating compliance challenges. Risks can be hard to identify. Ensuring proportionate and timely risk mitigation, focused on the most pressing risks can be a tricky path to chart.

Bespoke service to meet your needs

Our service gives you a clear picture of the regulatory environment and how it applies to your business. Alongside that we deliver prioritised risk management strategies.

We provide a clear understanding of how to implementation compliance measures in the short and medium term as well as long term management of the issues. This will protect your business from non-compliance issues.

Common issues faced by our clients

Generally, our clients come to us when there is a new regulatory framework released, for example GDPR or the Personal Information Protection Law. Or when new commercial activity triggers the need to review regulatory compliance.

Our project process

To create a bespoke solution for your business, we take our clients through the following process:

Our case studies

Case study 1

A global children’s games and entertainment company seeking to be compliant with China’s data regulatory framework across multiple entities

Client’s challenge

The client owned multiple different business in China, each with their own operations. Alongside this, they worked with a number of partners in China. All parties needed to be compliant with the complex data regulatory framework in China. This included the need to transfer data between entities and cross-border.

Our approach

Using our project-based approach, we took the client through the following steps:

  • Built understanding: Delivered Personal Information Protection Law (PIPL) training to legal and business teams.
  • Identified the risks: Delivered PIPL Risk Rating and Compliance Action Plan, including analysis of data collection and data flows across entities. Following new cross-border regulations and the client’s updated commercial strategy, we repeated the compliance review and updated the Action Plan.
  • Supported risk mitigation: Created overarching workplan to prioritise actions, workloads and facilitate communication with the wider business. Delivered updated privacy notices.

Impact of our work

The client understood all of the actions required to deliver compliance across their whole operation. They were able to prioritise their efforts based on the risk levels for non-compliance with different regulations. The framework also provided an approach for managing future data risk within business operations.

With the full picture, the Legal teams could get buy-in from the wider business about the importance of undertaking rectification and the investment required.

 

Case study 2

Digital Strategy Implementation​

Client’s challenge

The digital media regulatory landscape in China is complex and highly regulated. By implementing their global strategy in China, our client was seeking to generate and utilise more online and digital content. However, the highly regulated landscape in China brings a risk of strong and targeted action for non-compliance. Our client approached us to provide support on issues which ranged from decisions to inform successful strategy implementation through to day-to-day compliance. ​

Our approach

As the regulatory landscape for content production and distribution in China is complex and multifaceted, we provided an overview to identify the key risks to strategy delivery and options to overcome them. This also informed partnerships with third parties which were essential for delivery. When developing the content, we advised our client on censorship and marketing regulation, including advertising to and engaging minors in gaming promotions. Data privacy and protection was a key concern but our Digital Channel Risk Assessment and Rectification Plan ensured adherence with the Personal Information Protection Law (China’s equivalent of GDPR).

Impact of our work

With our support, our client was able to effectively implement their strategy whilst avoiding any risks which would damage brand reputation.

 

Case study 3

Maximising IP protection and data law compliance

Client’s challenge

When selling cutting edge technologies in China, ensuring effective IP protection is key to maintaining competitive advantage. In addition, the unique and complex regulatory landscape means care must be taken to avoid any concealed pitfalls. Therefore, when our client was launching a new Internet of Things (IoT) solution to monitor the performance of its industrial air purification products, they approached us.

Our approach

Our IP protection gap analysis enabled the client to strengthen protection for their core IoT/Software as a Solution (SaaS) technology and source code. Drawing on industry best practice, we recommended enhancements to the business structure and relationships with third parties to create additional control mechanisms for their IP. Data management and cross-border data flows was a specific regulatory concern. To minimise any risks, we undertook a data compliance risk assessment and developed a rectification plan. This included making recommendations on reducing cross-border transfer without impacting business operations, as well as strengthening contractual arrangements with third parties.

Impact of our work

As a result, our client was able to mitigate the IP and regulatory risks and roll out their new product with confidence. 

Our Team

Jin Ling

Principal and Head of Digital & Commercial at Lusheng Law Firm (Rouse's strategic partner)

Shanghai

+86 21 3251 9966

Stina Pilotti

Senior Associate

Stockholm

+46 (0)723 994 247

Sunny Su

Senior Associate, Lusheng Law Firm

Beijing

+86 10 86324100

Evi Triana

Senior Associate

Jakarta

+62 21 769 7333

Fabrice Mattei

Principal, Head of Patent Group, Head of Climate Change Group and Myanmar Business Unit Head

Yangon

09209477831

+62 21 769 7333

Peeraya Thammasujarit

Deputy Country Manager and Head of Dispute Resolution Team

Bangkok

+66 2 653 2730

Samantha Grainger

Principal & Legal Consultant, Dubai Head of Trade Marks

Dubai

+971 4 309 8000

Yen Vu

Principal, Vietnam Country Manager Rouse Legal Vietnam

Ho Chi Minh City , Hanoi , Phnom Penh

+84 28 3823 6770

Holly White

Head of Service Development

London

+44 20 7536 4185

My Mattsson

Senior Associate

Stockholm

+46 (0)72 33 62 62

Latest Digital and Data Regulatory Compliance Insights

More
The draft PDPL aims to provide a unified framework for the protection of personal data in Vietnam based on 4 policies.

2 minute read

Huy Nguyen

READ MORE

30 Sep 2024

Research report developed in conjunction with strategic partner, Lusheng Law Firm.

1 minute read

Aria Tian, Carol Wang, Landy Jiang

READ MORE

26 Sep 2024

The Ministry of Public Security releases the Draft Data Law for public consultation

1 minute read

Yen Vu, Khanh Nguyen

READ MORE

19 Aug 2024

Case Studies

IP protection gap analysis strengthened protection of core IoT/Software as a Solution (SaaS) technology and source code.

1 minute read

READ MORE

20 Jun 2022