On 22 March, 2024, the Cyberspace Administration of China (“CAC”) finalized its Provisions to Promote and Regulate Cross-Border Data Transfers (“Final Provisions”). The Final Provisions were long anticipated following a...more
On December 13, 2023, the Cyberspace Administration of China (“CAC”) and the Innovation, Technology and Industry Bureau of the Hong Kong Special Administrative Region (“Hong Kong”) Government (“HK ITIB”) jointly released the...more
On 8 December 2023, the Cyberspace Administration of China (the “CAC”) published draft Administrative Measures for Cybersecurity Incidents Reporting (the “Draft CAC Measures”). The following weekend, on 16 December 2023, the...more
On November 1, 2023, the National Information Security Standardization Technical Committee (全国信息安全标准化技术委员会) (“TC260”, a policy-making body under the Cyberspace Administration of China (“CAC”)) launched a public consultation...more
On 28 September, 2023, the Cyberspace Administration of China (“CAC”) released draft Provisions on Regulating and Promoting Cross-Border Data Transfers (the “Draft Provisions”) for public consultation. The consultation...more
China’s Interim Administrative Measures for Generative Artificial Intelligence Services (“AI Measures”) took effect from August 15, 2023. Jointly published by the Cyberspace Administration of China (“CAC”), the Ministry of...more
On 30 May 2023, the Cyberspace Administration of China (the “CAC”) published guidance for the use of the Standard Contractual Clauses applicable to international transfers of personal information from mainland China (the...more
On April 25, 2023, the state-backed Guiyang Big Data Exchange (GYDE) announced that it has facilitated and supervised the unprecedented floor trading of personal data in China. To date, no provisions have been put in place to...more
On February 24, 2023, the Cyberspace Administration of China ("CAC") released the final version of the Measures on the Standard Contract for the Cross-border Transfer of Personal Information ("SCCs Measures") along with the...more
As part of a new Asia-Pacific (APAC) Life Sciences and Health Care webinar program designed both for companies with commercial interests in APAC and for companies based in the region, Hogan Lovells is hosting a special...more
9/23/2022
/ China ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Popular
On 31 August 2022, the Cyberspace Administration of China (CAC) finalized the security assessment application guidelines and template application form (Security Assessment Application Guideline) under the Measures for...more
Recent weeks have seen a flurry of activity in China’s regulation of international data transfers. Three principal data laws, the Cyber Security Law (“CSL”), the Data Security Law (“DSL”) and the Personal Information...more
China's Personal Information Protection Law (PIPL) took effect 1 November 2021, significantly raising the bar for data protection compliance in China. One of the key concerns is the regulation of international transfers of...more
Six months have now passed since China's Personal Information Protection Law (PIPL) became effective on November 1, 2021. As noted below, Chinese authorities have recently stepped up enforcement actions relative to PIPL....more
On 20 August 2021, China’s National People’s Congress passed the Personal Information Protection Law (PIPL). The PIPL has a rapid timeframe for implementation, taking effect on 1 November 2021. The brief transition period...more
On 6 July 2021, the Standing Committee of People’s Congress in Shenzhen released the Data Regulations of Shenzhen Special Economic Zone (the Shenzhen Data Regulation), which will come into force as of 1 January 2022. The...more
China’s National People’s Congress (NPC) promulgated the Data Security Law of the People’s Republic of China (DSL) on June 10, 2021. The DSL will take effect September 1, 2021, making for a very brief transition period...more
On 29 April, China’s National People’s Congress released the second consultation draft of the Personal Information Protection Law (New PIPL Draft). Public comments are open through 28 May 2021. The first draft of the Personal...more
6/3/2021
/ China ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
International Data Transfers ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Agenda ,
Standard Contractual Clauses
The unprecedented challenges of the COVID‑19 pandemic are still with us, not only in terms of the grim toll the virus has taken on individuals and families, but also in terms of wider implications for how people and societies...more
4/14/2021
/ Asia Pacific ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Agenda
More than one year after the release of a draft amended version of the GB/T 35273-2017 Information Security Technology – Personal Information Security Specification (the 2017 Specification) for public comments in January...more
Two years on since the first draft, the final act of the legislative passage saga of the long-awaited People's Republic of China Encryption Law ended with its promulgation on 26 October 2019. It will take effect on 1 January...more
Whilst political uncertainty may have businesses’ attention fixed, the Hogan Lovells Global Survey on Digital Regulation: ‘A Turning Point for Tech’ suggests that tech companies should be looking elsewhere. During yesterday’s...more
10/31/2019
/ 5G Network ,
Big Tech ,
Business Model ,
Competition ,
Copyright ,
Corporate Taxes ,
Cybersecurity ,
Data Protection ,
Digital Platforms ,
Enforcement Programs ,
EU ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Privacy Concerns ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Standards ,
United Arab Emirates (UAE)
On 28 May 2019, the Cyberspace Administration of China (CAC) released the draft Measures on the Administration of Data Security (Data Security Measures, see our in-house English translation here) for public...more
The cybersecurity classified protection regime attracted significant attention when it was included in the Peoples Republic of China (PRC) Cyber Security Law promulgated in 2017 (the CSL). The CSL mandates that network...more
On 1 February, 2019, the National Information Security Standardization Technical Committee issued an amended version of the GB/T 35372-2017 Information Technology – Personal Information Security Specification for public...more