Carol Sun specializes in cross-border compliance, privacy protection and cybersecurity, government investigations and white-collar crime. Before joining JunHe, she was the head of compliance practice in two Chinese law firms. Carol is a leading lawyer with significant industry recognition in the practice of cross-border compliance and data compliance.

Carol is committed to helping her clients manage the increasingly complex global compliance matters. In particular, she is experienced in dealing with cross-border compliance issues involving the multi-jurisdictional legal requirements. She has represented clients in dozens of U.S. Foreign Corrupt Practices Act (FCPA) related investigations, involving the jurisdictions of China, the United States and Europe. Carol is also focusing her practice on the impact of law enforcement in anti-corruption, export control, data cross-border transfer and other regulatory compliance, and crisis management projects.

Carol Sun is highly regarded as a pioneer in personal information protection and data security, with a special focus on cross-border data transfer regulations, personal information protection rules, and the incident response of data breach. She has represented nearly 100 domestic and foreign enterprises engaged across diverse fields such as intelligent equipment, medical and health, biotechnology, Internet of Things, video surveillance, artificial intelligence, Internet technology, finance, consumer goods and other emerging and traditional industries in personal information protection, data and cybersecurity projects. She also specializes in coordinating global data protection projects in conjunction with foreign data protection requirements, including the General Data Protection Regulation (GDPR) in Europe, state privacy laws in the United States, and other data protection requirements in Southeast Asia and other countries.

In 2019, Carol was named as one of the "Women in Data" by Global Data Review, alongside the Chair of the European Data Protection Board and the General Counsel of the UK Information Commissioner's Office. In 2022, Chambers Greater China Region named Carol Sun as the UP and Coming Lawyer in "Data Protection & Privacy". 

In the area of compliance investigations, Carol Sun has represented numerous clients in dealing with employee misconduct, including trade secret infringement, embezzlement, and conflicts of interest. She has extensive experiences in leading the internal investigations and interviews, and protecting the rights and interest of clients by means of criminal reporting, civil litigation, and labor dispute resolution.

Carol Sun is frequently invited by well-known legal publishers such as Chambers, Thomson Reuters, LexisNexis, and Wolters Kluwer to give speeches and provide Chinese legal guidance on compliance and investigations, export control, anti-corruption, data security and other issues.