今天分享的是：段和段研究院：2025年DPO在企业出海中的刚需报告 报告共计：89页 2025年DPO在企业出海中的刚需报告核心总结 在全球化与数字化深度融合的背景下，数据合规已成为企业出海的关键生存议题。段和段律师事务所发布的《2025年DPO在企 业出海中的刚需报告》，通过实证调研与跨法域分析，系统梳理了数据保护官（DPO）在企业出海中的核心价值与实践路径。 报告调研显示，中国企业出海进程中存在显著的合规能力缺口。近六成企业尚未设立专职DPO，近半数企业的数据合规体系仍 未启动，而约一半企业已涉及或计划开展跨境数据传输。"数据全生命周期管控"与"跨境传输机制"成为企业核心痛点，同时企业 对多法域合规支持、跨境应急响应等外部服务需求迫切，凸显内部能力建设的滞后。 全球范围内，DPO角色正从"高配"向"标配"演进。新加坡已强制要求企业任命DPO并备案，欧盟GDPR也明确了特定企业的配置 义务，DPO逐渐成为企业合规的刚性需求。中国出海企业的DPO需承担多重复合角色，既是境内外合规的"双重守门人"，也是 战略风险评估者与跨境数据流动架构师，需在协调法律冲突、应对多线监管等方面发挥核心作用。 制度层面，中外DPO ...

2025年，全球资本市场的风向标似乎正在发生微妙的轮动。当港股以同比激增700%的募资额宣告"牛市回归"，当美股中概股审批重回常态化轨道，中国 企业的境外上市之路似乎再度宽阔起来。然而，硬币的另一面是，在A股IPO持续收紧的当下，已经在上市筹备路上的千军万马涌向境外上市的赛道，机 遇背后的"深水区"依然暗礁丛生：从红筹架构的穿透式监管到数据出境的合规红线，从Web3新赛道的财务审计到SPAC上市后的估值管理，每一个环节的 认知偏差都可能成为企业境外上市路上的"阿喀琉斯之踵"。 在此背景下，由RET睿意德、中伦律师事务所、36氪、氪睿丰远及容诚会计师事务所，五大机构强强联手发起的"IPO加速营"于12月17日在上海陆家嘴正 式开营，并举行了大咖云集的首场港美股IPO专题沙龙。 这不仅是一场云集了近百位企业创始人、CFO及知名投资机构的闭门培训，更是一次关于中国企业出海搭建资本市场平台方法论的深度复盘与战略重构。 在长达5小时的思维碰撞中，近二十位来自法律、审计、财税、投资、SPAC发行及政策端的重量级嘉宾，现场拆解多个实战案例，共同为2026年的拟上市 企业绘制了一份价值千金的"实战指南"。 活动现场图 活动伊 ...

Core Insights - The global capital market is experiencing a subtle shift, with Hong Kong stocks seeing a 700% year-on-year increase in fundraising, signaling a return to a bull market, while Chinese companies are finding renewed opportunities for overseas listings as the approval process for U.S. and Hong Kong-listed Chinese stocks normalizes [1] - However, challenges remain for companies looking to list abroad, including regulatory complexities and compliance issues related to red-chip structures and data export [1] Group 1: Event Overview - The "IPO Acceleration Camp" was launched on December 17 in Shanghai, initiated by major institutions including Zhonglun Law Firm and 36Kr, aimed at providing a comprehensive platform for Chinese companies seeking to navigate overseas capital markets [1][4] - The event featured nearly 100 participants, including founders, CFOs, and investment institutions, and included discussions on practical case studies to create a valuable "practical guide" for companies planning to go public in 2026 [1][4] Group 2: Key Themes and Discussions - Eric Zhang, CEO of Zhi Yi Capital, highlighted three main pain points driving companies to seek overseas listings: the urgency to relieve contractual obligations, the need for financing leverage amid growth, and deeper internationalization demands [4] - The SPAC market is returning to rationality in 2025, providing a more certain path for companies to go public, especially as NASDAQ has raised the minimum fundraising threshold for IPOs, making it difficult for smaller companies to enter the market [7][9] Group 3: Regulatory Insights - Legal experts discussed the importance of red-chip structures for overseas listings, emphasizing the flexibility of Cayman Islands companies in navigating regulatory requirements and facilitating dual listings [11] - The latest developments in Hong Kong's IPO process were shared, including the stringent requirements for biotech companies and the importance of having a "veteran investor" endorsement for certain listings [13][14] Group 4: Financial and Compliance Considerations - Discussions included the significance of financial compliance, particularly for platform companies, and the need to address historical issues such as social security contributions before going public [28] - The importance of data compliance was underscored, with experts warning that data compliance is no longer optional but a necessity for companies, especially those with significant consumer data [34][36] Group 5: Strategic Recommendations - Experts advised companies to start their IPO preparations as early as possible, emphasizing that the process is more about strategic planning than merely waiting for favorable market conditions [32][34] - Local government support for companies seeking to list abroad was highlighted, showcasing initiatives to facilitate the listing process and provide financial backing [30]

Core Viewpoint - The insurance industry faces increasing compliance risks related to personal information protection as digital transformation progresses and regulatory frameworks improve [1][6] Group 1: Compliance Issues - The Shanghai Communications Administration reported that 3 insurance institutions had 8 apps (SDKs) flagged for issues such as lack of clarity in personal information processing rules and difficulties in account cancellation [1] - In total, over 20 apps (SDKs) from 9 insurance institutions have been flagged in 2025, indicating a systemic issue within the industry regarding personal information protection [1][2] - Other regions have also reported similar compliance issues, highlighting a widespread problem across the insurance sector [2][3] Group 2: Systemic Shortcomings - The frequent notifications reveal systemic shortcomings in personal information protection within the insurance industry, characterized by opaque rules, excessive data collection, and inadequate complaint handling [3] - The underlying issues stem from a misalignment in incentive mechanisms, capability systems, and responsibility chains within insurance institutions [3][4] Group 3: Regulatory Developments - Recent regulations, including the Personal Information Protection Law and the Data Security Law, have been implemented to enhance data governance and compliance in the financial sector [6][7] - The Financial Regulatory Authority has emphasized the need for insurance companies to shift from reactive compliance to proactive measures in personal information protection [7][8] Group 4: Recommendations for Improvement - To enhance data governance and personal information protection, the insurance industry should consider restructuring governance frameworks, leveraging technology for data security, and establishing comprehensive responsibility mechanisms for third-party collaborations [8]

Core Insights - Data is a critical risk point for startups, even if it may not serve as a competitive moat [1] - Different types of user data, AI-generated content, and other data categories have varying legal risks and processing requirements [2] - For companies expanding overseas, prioritizing compliance risks is essential due to frequent litigation and infringement disputes [3] Group 1: Workshop Details - The workshop will feature partners Zheng Wei and Sun Qimin from Beijing Xingye Law Firm, focusing on compliance and high-risk issues faced by AIGC startups during international expansion [4] - The event is scheduled for December 18 at 8 PM and will be held online [5] - Participation is limited and requires a screening process for registration [6] Group 2: Data Usage and Compliance - During model training, it is crucial to determine which types of data, such as synthetic data, copyrighted content, and user behavior data, can be utilized [8] - Different data types, including code, images, and audio/video, present unique infringement risks that need to be addressed [8] - Questions regarding ownership of AI-generated content, as well as the delineation of data usage rights and intellectual property for ToB and ToC applications, are critical [10] - Companies must also consider how to manage cross-border data transfer, local storage, and data isolation when expanding internationally [10]

中经记者 樊红敏 北京报道 随着数字化转型进程的推进和监管制度的逐步完善，保险业作为数据密集型产业在个人信息保护方面面 临的合规风险愈发凸显。 近日，上海市通信管理局（以下简称"上海通信局"）发布的《关于侵害用户权益行为APP（SDK）的通 报（2025年第十批）》显示，3家保险机构的8款APP（SDK）上榜，涉及的问题包括"未明示个人信息 处理规则""账号注销难""违规收集个人信息""未妥善处理用户投诉"等。 《中国经营报》记者梳理发现，包括此次通报在内，今年以来，上海通信局发布的十批通报中，共有9 家保险机构（含保险中介，下同）合计超过20款APP（SDK）"上榜"。其他地方通信管理局的通报中， 也不乏保险机构"上榜"。 "近年来，保险业进入数字化转型的关键时期，又适逢《中华人民共和国个人信息保护法》《中华人民 共和国数据安全法》等法律规定出台实施，既需要推进数字化转型，又亟须提升数据合规水平。保险业 作为数据密集型行业，数据规模大、场景多元、价值明显，属于个人信息保护合规风险高发的领域，数 据合规问题愈发凸显。"金杜律师事务所合伙人宁宣凤在接受记者采访时表示。 数据伦理尚未树立 上海通信局在通报中同时要 ...

Core Insights - The company Jiangsu Haiping Data Technology is transforming the management logic of commercial and engineering vehicles through digital technology, having installed over 1 million devices on various operational vehicles across China [1][8] - The company has established regional data centers globally to comply with local data regulations, allowing for real-time data management of over 10 million vehicles [3][5] - The use of AI algorithms enables the company to capture and diagnose vehicle faults in real-time, significantly improving repair efficiency [5][7] - The company is monetizing vehicle data by providing value-added services, helping clients optimize operational costs and generating new revenue streams [7][8] Group 1 - The company specializes in equipping trucks, excavators, and tractors with smart technology, managing real-time data for over 10 million vehicles [1][3] - The establishment of regional data centers in locations such as Singapore, Saudi Arabia, and Germany allows for compliance with local data regulations while ensuring quick data access [3][5] - The company offers a rental model for its data services, allowing clients to pay monthly fees for system access without high upfront costs [3][5] Group 2 - The AI-powered terminal captures critical vehicle data during faults, creating a diagnostic library that enhances repair processes [5][7] - The company is following Chinese vehicle manufacturers as they expand internationally, providing data solutions that save clients significant localization costs [7][8] - The company has completed multiple funding rounds and is positioning itself as a leading global provider of intelligent automotive networking services [8]

Core Viewpoint - Data is not necessarily a moat for products, but it is a risk point that startups must take seriously [1] Group 1: Legal Risks and Compliance - Different types of user data, AI-generated content, and various media have distinct legal risks and processing requirements [2] - For companies expanding overseas, it is crucial to prioritize compliance risks, especially given the frequency of lawsuits and infringement disputes [3] - The workshop features partners from Beijing Xingye Law Firm discussing how AIGC startups can navigate compliance and high-risk issues during international expansion [4] Group 2: Data Usage and Rights - During the model training phase, it is essential to determine which types of data, such as synthetic data, copyrighted content, and user behavior data, can be used [8] - There are specific considerations regarding infringement risks for different types of data, including code, images, and audio/video [8] - Questions arise about the ownership of AI-generated content and how to define data usage rights and intellectual property for ToB and ToC applications [10] Group 3: Cross-Border Data Management - Companies must understand how to manage cross-border data transmission, local storage, and data isolation when expanding their products internationally [10]

11月28日，第十五届信息安全法律大会在北京召开，会议以"安全的边界 执法的协同 文化的力量"为主题。信息安全与保密通信杂志社作为学术支持单位 与会。在本次会议数据安全与个人信息保护法治新图景论坛上，南京大学信息管理学院副教授张斌作了题为"企业数据合规与风险管理：基于情报学的视 角"的报告，以下为报告内容。 报告现场 一、背景 广泛地讲，情报学涵盖军事情报、公安情报等，而高校在研究情报学时，主要聚焦科技情报领域，主要方向是科技创新，为科技部等相关单位提供科技创 新发展规划支持。在研究科技创新的过程中，围绕数据、信息、知识、情报等展开，自然延伸到数字经济背景下的数字创新议题。反过来看，创新工作的 主体必然涉及企业，而企业在数字创新过程中难免遇到合规和风险问题，故而从学科视角来分享本次内容。 聚焦当前的数据合规形势。全球范围内，数据合规相关的判罚案例不断敲响警钟：2021年7月，亚马逊因用户隐私数据保护问题被卢森堡罚款；2022年7 月，滴滴因超范围收集用户个人信息被中国网信办罚款；2025年5月，TikTok因数据违规跨境被爱尔兰数据保护局罚款。这些案例背后，是全球监管体系 的不断完善与收紧。 从全球监管图景来 ...

Core Viewpoint - The article discusses the recent removal of real-time valuation services for mutual funds, prompting investors to seek alternative tools for investment decision-making, with Sina Finance APP emerging as a preferred choice due to its comprehensive data services and investment tools [2][4]. Group 1: Removal of Real-Time Valuation - The real-time valuation feature was a significant selling point for platforms catering to retail investors, but it often led to irrational investment behavior due to its focus on short-term market fluctuations [3]. - Real-time valuations were based on estimated holdings rather than actual net values, leading to discrepancies that could mislead investors [3][4]. - The regulatory decision to remove this service aims to standardize data disclosure and promote a long-term investment mindset among investors [4]. Group 2: Advantages of Sina Finance APP - Sina Finance APP integrates data from 163 fund companies, covering 98% of market fund products and monitoring over 10,000 funds in real-time [5]. - The APP provides detailed fund profiles, including complete holding details, industry allocations, performance metrics, and key risk-return indicators, aiding investors in assessing fund stability and performance [6]. - The APP's intelligent tools, such as the "Xina AI Assistant," enhance decision-making by summarizing complex reports and identifying risk and opportunity points, improving processing efficiency by eight times compared to manual analysis [7]. Group 3: One-Stop Experience - The APP offers a seamless experience from information gathering to trading, allowing investors to open accounts and execute trades directly within the platform [11]. - It collaborates with 60 fund companies, providing access to over 3,000 mutual fund products, thus covering mainstream public fund offerings [11]. - The content matrix of the APP includes timely news updates and in-depth reports, with an average news release time 15 minutes ahead of competitors, indicating its efficiency in delivering information [11]. Group 4: Professional Investor Behavior - Professional investors utilize a more rational and strategic approach, considering multiple factors beyond single data points for trading decisions [12]. - They pay close attention to discrepancies between valuation and net value, as significant deviations can indicate changes in fund manager strategies [12]. - The removal of real-time valuation has led professional investors to prefer platforms like Sina Finance APP, which offer comprehensive analytical tools for evaluating fund performance from multiple dimensions [12].