Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: Cyber Security Law

Posted in International/EU Privacy

China’s Revised Draft Data Localisation Measures

On 19 May 2017, the Cyberspace Administration of China released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures. The draft emerged just over a week after public comments closed on the first draft of the measures. the Second Draft Export Review Measures do, to an extent, relax some of the more stringent requirements stated in the First Draft Export Review Measures and originally due to become law on 1 June, 2017 when China’s Cyber Security Law takes effect. However, the revised draft measures as set out in the Second Draft Export Review Measures still leave a significant compliance challenge for multi-national businesses operating in China . We explore the Second Draft Export Review Measures below.

Posted in International/EU Privacy

“Cybersecurity Review” Takes Shape in China

On 4 February 2017, the Cyberspace Administration of China issued a draft of the Network Products and Services Security Review Measures for public comment: the Draft Measures remain open for comments until 4 March 2017. The Draft Measures are follow-on legislation to China’s Cyber Security Law adopted on 7 November 2016, which will take effect from 1 June 2017.

Posted in Cybersecurity & Data Breaches, International/EU Privacy

China Passes Controversial Cyber Security Law

China’s Cyber Security Law, which will take effect from 1 June, 2017 was adopted on 7 November. The third draft of the law adopted by the Standing Committee of the National People’s Congress, China’s highest legislative authority, contained few changes from the second draft put forward for comment in July, 2016. The net result is continued controversy coupled with a dose of uncertainty (never a good combination), with multi-national businesses in particular questioning the intent of the law and criticising its vagueness. The final draft contains a number of broadly-framed defined terms that are critical to its interpretation which continue to leave much to be resolved through detailed measures that may or may not follow, as a lack of clarity leaves room for interpretation. All in all, the direction of travel is towards a much more heavily regulated Chinese internet and technology sector, with an open question as to whether China’s cyber space will be integrated with the rest of the world in the coming years or will plough its own virtual furrow.