China’s Cybersecurity Law was issued on November 7, 2016, by the Standing Committee of the National People’s Congress, and it came into effect on June 1, 2017. The Cybersecurity Law marks the first comprehensive law in China specifically regulating cybersecurity.
The Cybersecurity Law contains detailed requirements that covered entities must meet, and it imposes significant legal liabilities for companies that breach its provisions. However, there are still many uncertainties regarding its operation and enforcement in practice, as several anticipated implementing regulations are yet to be formally issued. Notwithstanding these uncertainties, China has already started bringing enforcement actions against companies for violations of the Cybersecurity Law. Given the evolving cybersecurity landscape, companies operating in or collecting data from China should prioritize compliance and continue to monitor China’s new Cybersecurity Law and corresponding regulations.
Please see full publication below for more information.