Judy Yang

---

Judy Yang is a legal technologist with over 7 years of specialised experience in data privacy, AI governance, and cross-border compliance. As a CIPP/E and CIPM certified professional, she has successfully led ISO 27001 and ISO 27701 implementation for multinational companies.

REPRESENTATIVE MATTERS

• Contributed subject-matter expertise to the development of China national standards GB/T 41871–2022 (Automotive Data Security) and GB/T 44588–2024 (Privacy Policy Standard)
• Led GDPR implementation across 30+ jurisdictions
• Directed cross-border data transfer compliance at NASDAQ-listed companies
• Delivered GDPR and data protection training to over 500 employees worldwide
• Designed AI governance frameworks for companies entering the UK and EU markets
• Supported integration of privacy-by-design in automotive and digital platform ecosystems

PUBLISHED WORK

• Probing Polycentricity in EU Data Protection Cross-border Enforcement in Global Digital Data Governance (Routledge, 2024)

SPEAKING ENGAGEMENTS

• Speaker, Governing the Clearview AI Pandemic at the prestigious ILPC Annual Conference (Institute of Legal and Policy Research Centre, University of London), 2021
• Speaker, Myriad Faces Up for Grabs: Governing Facial Data Scrapping for Law Enforcement Agencies at the Digital Data Governance Workshop hosted by Käte Hamburger Kolleg/Centre for Global Cooperation Research, University of Duisburg-Essen (2021)
• Speaker, Data security challenges at a Ministry of Public Security forum, receiving formal recognition for contributions to public security frameworks (2021)

QUALIFICATIONS

• PGDL, BPP, 2022
• LL.M., University of Reading, 2016
• LL.B., Southwest Petroleum University, 2010

LANGUAGES

• English
• Mandarin Chinese