China

China: Navigating China episode 17: China’s Draft Privacy and Security Laws – second drafts clarify compliance steps for businesses

Authors: Carolyn Bigg, Venus Cheung and Fangfang Song Second drafts of the new overarching national personal data protection and data security laws have just been published, and give a clearer picture of the impending new national frameworks in China. 1. Draft Personal Information Protection Law The Draft Personal Information Protection Law (“Draft PIPL”) will – …

China: Navigating China episode 17: China’s Draft Privacy and Security Laws – second drafts clarify compliance steps for businesses Read More »

China: Navigating China: New China encryption law passed

The new PRC Encryption Law will come into force on 1 January 2020. It will bring fundamental changes to the sale, import and use of encryption technologies in China by foreign and domestic organizations. The changes specifically bring out the following: Broader scope: the new law now governs encryption products, technologies and services, aligning more …

China: Navigating China: New China encryption law passed Read More »

China: Navigating China: Further developments in PRC data privacy regulations

An updated draft of China’s Amended Personal Information Security Specification (Amended PIS Specification) and proposed new amendments to the privacy specification for mobile apps (App Privacy Specification) were published this week, alongside brand new draft privacy regulations for the banking sector. These drafts will, if implemented, introduce some significant changes to current data protection practices …

China: Navigating China: Further developments in PRC data privacy regulations Read More »

CHINA: important new developments in PRC data privacy regulations

An updated draft of China’s Amended Personal Information Security Specification (“Amended PIS Specification”) and proposed new amendments to the privacy specification for mobile apps (“App Privacy Specification”) were published this week, alongside brand new draft privacy regulations for the banking sector. These drafts will, if implemented, introduce some significant changes to current data protection practices …

CHINA: important new developments in PRC data privacy regulations Read More »

CHINA: Data and cyber – New guidelines you need to know

In the last two weeks the Chinese authorities have been busy providing much-anticipated guidance on the practical steps organisations must take to comply with the new data protection, cybersecurity and technology regulations. In short, the key developments are: Practical implementation guidance under PRC Cybersecurity Law Draft Guidelines on Multi Level Protection Scheme (MLPS) for information …

CHINA: Data and cyber – New guidelines you need to know Read More »

CHINA: new data protection standard – what you need to know

The long awaited new National Standards on Information Security Technology – Personal Information Security Specification GB/T 35273-2017 (“PI Specification”) has now been released, and will come into force on 1 May 2018. This represents the new de facto standard for practical data protection handling, in effect complementing and clarifying the various existing data protection laws …

CHINA: new data protection standard – what you need to know Read More »

CHINA: More changes to China’s looming e-commerce law – it is time to make changes

Further amendments to the proposed China e-commerce law have been announced which will require e-commerce platform and marketplace providers to provide users with practical mechanisms to access their users’ information, make corrections or deletions of their information, and close their accounts. E-commerce operators will also be prevented from circumventing these requirements though onerous contractual conditions …

CHINA: More changes to China’s looming e-commerce law – it is time to make changes Read More »

CHINA: PRC Cybersecurity Law – take action and monitor developments to avoid losing your China business

The PRC Cybersecurity Law is three weeks old, and non-compliant international businesses are already facing severe consequences. Since 1 June, twenty-two people engaged by a global technology giant have been arrested, and sixty online entertainment news sites have been shut down. The law continues to evolve. The latest guidance provides practical answers to previous areas …

CHINA: PRC Cybersecurity Law – take action and monitor developments to avoid losing your China business Read More »

CHINA: PRC Cybersecurity Law – one week to go, and there are still new developments

The final countdown is on. The PRC Cybersecurity Law comes into force on 1 June 2017. This date marks a significant evolution in both the legal and enforcement environment for data protection in China, and organisations can no longer afford to ignore it. Indeed, there have been important new developments in the last few weeks …

CHINA: PRC Cybersecurity Law – one week to go, and there are still new developments Read More »

CHINA: significant changes to data and cybersecurity practices under PRC Cybersecurity Law

After a third deliberation, the Chinese government passed the new PRC Cybersecurity Law on 7 November 2016. The new law will come into force on 1 June 2017 and has significant implications for the data privacy and cybersecurity practices of both Chinese companies and international organisations doing business in China. The new PRC Cybersecurity Law …

CHINA: significant changes to data and cybersecurity practices under PRC Cybersecurity Law Read More »

CHINA: data localisation – a growing trend?

Foreign companies operating in China, or looking to enter the Chinese market, are increasingly concerned as to whether Chinese law restricts cross-border transfers of personal data collected in China. In light of recent developments, is there a growing trend in China towards data localisation? As is generally the case with China’s data privacy framework, there …

CHINA: data localisation – a growing trend? Read More »