China passed its Personal Information Protection Law (PIPL) on 20 August 2021. This is China’s first omnibus data protection law, and will take effect from 1 November 2021 allowing companies just over two months to prepare themselves. The PIPL is
china
China passes the Personal Information Protection Law
China passed its Personal Information Protection Law (PIPL) on 20 August 2021. The new law will take effect from 1 November 2021 allowing companies just over 2 months to prepare themselves. The full text has not been made public yet.…
New Chinese Measures for Personal Data Cross-Border Transfer Security Assessments
On June 13, 2019 Measures for Personal Data Cross-Border Transfer Security Assessments were issued by the Cyberspace Administration of China.…
New China Guideline for Internet Personal Information Security Protection
On November 30, 2018 the Cyber Security Protection Bureau, under the auspices of the PRC Ministry of Public Security (the “MPS”), issued a draft Guideline for Internet Personal Information Security Protection (the “Guideline”) along with a request for public comments.
China issues Personal Information Security Specification
The Standardization Administration of China issued an Information Security Technology – Personal Information Security Specification,
which will come into effect on 1 May 2018.…
China Amends Draft Regulation on Cross-Border Data Transfer
We have just received a revised draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (Measures). Here we outline the changes made to the draft Measures first issued on 11 April 2017 for public comment (see our previous briefing and blog post here). The revised draft is likely to be the final version of the Measures. The Measures are to take effect on the same day as China’s Cyber Security Law (Cyber Security Law) on 1 June 2017.
Cross-border data transfers: China issues new measures to strengthen data localisation
The Cyberspace Administration of China (CAC) issued draft measures for implementing the data localisation provisions under the Cybersecurity Law of China (Cybersecurity Law) and the National Security Law of China on 11 April 2017. The draft regulations are open for public comment until 11 May 2017.
China Cybersecurity: New Law Increases Security Regulation Over Cyberspace
On November 7, 2016, the Standing Committee of China’s National People’s Congress (NPC) voted to pass the Cyber Security Law (unofficial English translation). Its draft has gone through three rounds of readings and it will become effective from June 1, 2017. This legislation provides for the Chinese government’s supervisory jurisdiction over cyberspace, defines security obligations for network operators and enhances the protection over personal information. It also establishes a regulation regime in respect of critical information infrastructure and imposes data localization requirements for certain industries.
In this post, we outline the key changes it will bring about and discuss the implications for businesses in China.
China’s proposed Cyber Security Law to have far reaching consequences for businesses operating in the country
On July 6, 2015, China’s top legislative body – the National People’s Congress – published a draft Cyber Security Law that, if enacted in its current form, will have far-reaching consequences for businesses operating in China.
The draft expressly provides that the law will apply equally to both Chinese and international businesses.
China requires providers to enforce real-name registration and ban on “harmful” usernames
The Cyberspace Administration of China announced on February 4, 2015 new regulations requiring Internet users to register accounts under their real names for social network sites like blogs, discussion forums, comment sections, instant messaging, and related services. The rules impose…