Tag Archives: Judith Alison Lee

United States Expands Sanctions Authorization of Internet-Based Activities in Wake of Protests in Iran

by Judith Alison Lee, Adam M. Smith, Stephenie Gosnell Handler, Audi Syarief, and Samantha Sewall.

On September 23, 2022, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) issued General License D-2 (“GL D-2”), expanding a prior authorization to further facilitate the free flow of information over the internet to, from, and among residents of Iran. GL D-2 authorizes the exportation to Iran of certain services, software, and hardware incident to the exchange of internet-based communications. GL D-2 supersedes and replaces an existing license, General License D-1 (“GL D-1”), that had been in place without update for over eight years. According to the Treasury Department, the updated license is designed to bring the scope of the license in line with modern technology and ultimately to expand internet access for Iranians, providing them with “more options of secure, outside platforms and services.” As noted below, even though GL D-2 certainly expands upon the types of software and services allowed to be exported, one of its principal effects will likely be the enhanced comfort parties may have in providing such technology to Iran. GL D-1 was often not fully leveraged by the exporting community that was concerned about the extent of coverage. GL D-2 is an evident attempt to right this balance, making sure that exporters remain aware of limitations while also providing more certainty to those who wish to leverage the exemption. Continue reading

China Constricts Sharing of In-Country Corporate and Personal Data Through New Legislation

by Patrick F. Stokes, Oliver Welch, Nicole Lee, Ning Ning, Kelly S. Austin, Judith Alison Lee, Adam M. Smith, John D.W. Partridge, F. Joseph Warin, Joel M. Cohen, Ryan T. Bergsieker, Stephanie Brooker, John W.F. Chesley, Connell O’Neill, Richard Roeder, Michael Scanlon, Benno Schwarz, Alexander H. Southwell, and Michael Walther

The People’s Republic of China is clamping down on the extraction of litigation- and investigation-related corporate and personal data from China—and this may squeeze litigants and investigation subjects in the future.  Under a new data security law enacted late last week and an impending personal information protection law, China is set to constrict sharing broad swaths of personal and corporate data outside its borders.  Both statutes would require companies to obtain the approval of a yet-to-be-identified branch of the Chinese government before providing data to non-Chinese judicial or law enforcement entities.  As detailed below, these laws could have far-reaching implications for companies and individuals seeking to provide data to foreign courts or enforcement agencies in the context of government investigations or litigation, and appear to expand the data transfer restrictions set forth in other recent Chinese laws.[1]

Continue reading