China is seeking to take a significant step to relax the compliance burden on multinational corporations (MNCs) regarding data export from China by allowing: (i) certain routine data exports for daily business operation or...more
On 1 June 2023, new measures explaining the requirements for using the standard contract (China Standard Contract) mechanism to legally export personal information from China as well as the form of the “standard contract”...more
In this episode, partners Amigo Xie, Corey Bieber, and Whitney McCollum focus on the China Data Privacy laws, the recent China Standard Contract that took effect 1 June 2023, and the effects and restrictions it may have on...more
In our previous posts, we discussed what data export activities are subject to scrutiny assessment (CAC Assessment) conducted by the Cyberspace Administration of China (CAC) (see Part 1) and examined what companies must do...more
In a recent alert, we painted the big picture of the security assessment conducted by the Cyberspace Administration of China (CAC) to data exporting activities from China (CAC Assessment), highlighting what data export...more
With the rapid development of the global digital economy, multinational companies (MNCs) have been forced to find legally compliant ways to transfer data across borders. In the past, many MNCs relied on data transfer...more
As China enhances its cybersecurity and data protection regime, the processing of personal information, and in particular the information of customers and employees, has come into focus under the Personal Information...more
Multinational entities with operations in or having business with the People’s Republic of China (PRC) should take note of the PRC’s new Personal Information Protection Law (PIPL), which took effect on 1 November 2021 and is...more
The Personal Information Protection Law (PIPL), which is considered the first comprehensive law on personal information protection in People’s Republic of China (PRC or China), came into effect on 1 November 2021. Prior to...more
On 30 July 2021, the State Council promulgated the Regulations on the Security Protection of Critical Information Infrastructure (the Regulation), which took effect on 1 September 2021. This Regulation dovetails with the...more
On 10 June 2021, the Standing Committee of the National People’s Congress of China (NPCSC) approved the enactment of Data Security Law (the DSL) of the People’s Republic of China (PRC), which will take effect on 1 September...more
The full text of the Law of the People’s Republic of China on Personal Information Protection (Draft) (the Draft) was released on 21 October 2020 for public comments by 19 November 2020....more