On 19 May 2017, the Cyberspace Administration of China released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures. The draft emerged just over a week after public comments closed on the first draft of the measures. the Second Draft Export Review Measures do, to an extent, relax some of the more stringent requirements stated in the First Draft Export Review Measures and originally due to become law on 1 June, 2017 when China’s Cyber Security Law takes effect. However, the revised draft measures as set out in the Second Draft Export Review Measures still leave a significant compliance challenge for multi-national businesses operating in China . We explore the Second Draft Export Review Measures below.
While personal data privacy law has been developing in many jurisdictions with the increasing prevalence of internet usage, the People’s Republic of China has not yet enacted comprehensive laws or regulations governing the collection, use and transfer of personal data. However, this may change soon, as indicated by the recent issuance of the draft Information Security Technology — Guide of Personal Information Protection (the “Guidelines”, issued jointly by the General Administration of Quality Supervision Inspection and Quarantine and the Standardization Administration of the PRC on 30 January 2011).
This post was provided by Julia Peng of Hogan Lovells’ Beijing office. On 19 October 2010, the People’s Republic of China (“PRC”) State Administration of Industry and Commerce ("SAIC") issued the Second Revision of the PRC Consumer Protection Law (Draft for Comments) (the "Draft Consumer Law"). A significant addition to the Draft Consumer Law is […]