The enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL, together with the CSL and the DSL, “Data Security Laws”) has significantly reshaped the landscape of data security and personal privacy for China, not just within its own borders but also in the context of cross-border data transfers. The broad scope and ambiguous language of these Data Security Laws, however, introduce a heightened level of complexity to the process of discovery in US litigation involving Chinese entities or individuals or other sensitive or personal data in China. This article explores the intricacies of these laws and accompanying regulations and rules and their implications for US litigants pursuing discovery from Chinese counterparts, as well as for Chinese entities and individuals who are subject to discovery requests in US federal litigation.