On September 24, 2024, the State Council released the Regulations on the Management of Network Data Security (《网络数据安全管理条例》) (“Regulations”). The Regulations focus on prominent issues related to Personal Information (PI),...more
10/14/2024
/ China ,
Consent ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
International Data Transfers ,
Notice Requirements ,
Personal Data ,
Personal Information ,
Sensitive Personal Information
China’s draft Amended Anti-Money Laundering (AML) Law1 (AML Law) was submitted to the Standing Committee of the National People's Congress (NPC) on September 10 for the second of what are generally three readings....more
10/1/2024
/ Anti-Money Laundering ,
Beneficial Owner ,
China ,
Compliance ,
Cross-Border Transactions ,
Customer Due Diligence (CDD) ,
Data Privacy ,
National Security ,
Penalties ,
Pending Legislation ,
Personal Data ,
Popular ,
Proposed Amendments
The Cyberspace Administration of China (“CAC”) on September 28, 2023 issued the draft Provisions on the Regulation and Promotion of Cross-Border Data Flows (“draft Provisions”), just one year after China’s data export...more
10/13/2023
/ China ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Popular ,
Standard Contractual Clauses
Article 38 of China’s Personal Information Protection Law (“PIPL”) enacted in 2021, which is more demanding than GDPR in Europe, provides three channels to conduct the outbound transfer or export of personal information...more
2/24/2023
/ Certification Requirements ,
China ,
Cybersecurity ,
Data Privacy ,
Data Processors ,
Data Security ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Standard Contractual Clauses
On December 16, 2022 – less than six months after the initial version (“V1.0”) was released in June 2022, and within six weeks after the draft revision was issued on November 8 – the National Information Security...more
The Cyberspace Administration of China (“CAC”) on November 14, 2021 published the draft Regulations on the Administration of Network Data Security (“Draft Regulations”) for comment through December 13, 2021.1 The Draft...more
12/7/2021
/ China ,
Cybersecurity ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Extraterritoriality Rules ,
International Data Transfers ,
National Security ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Proposed Regulation ,
Regulatory Requirements
China’s Personal Information Protection Law (PIPL or the final version), following the first two readings in October 2020 and April 2021, was adopted on August 20, 2021 and will become effective on November 1, 2021. The final...more
8/31/2021
/ China ,
Consumer Privacy Rights ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Employee Privacy Rights ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Treaties ,
New Legislation ,
Personal Data
The State Administration for Market Regulation (SAMR) and Standardization Administration of China (SAC) jointly published the Information Security Technology – Personal Information Security Specification (GB/T 35273-2020) (PI...more