Cybersecurity Law: Fines Significantly Increased

The Cybersecurity Law (CSL), China’s first fundamental law to comprehensively regulate cybersecurity issues, is about to undergo its first revision. A key feature of the proposed amendments is a significant increase in penalties for network operators and critical infrastructure operators that fail to comply with relevant cybersecurity protection obligations. For example, the fine range for… Continue reading Cybersecurity Law: Fines Significantly Increased

Security, Science and Technology

Political speeches and documents are known to provide valid clues to future developments in the PRC. Analysts therefore try to extract priorities and orientations from the phraseology, word choice, and frequency of terms related to the 20th Party Congress. In doing so, they also take into account minor changes in phrases that have appeared at… Continue reading Security, Science and Technology

New data exchange in Canton

China has launched another data exchange in Nansha, Guangzhou. So far, more than 300 traders and companies have applied to join the Data Exchange, and around 200 trading objects have already been registered. These are data products, services and capabilities in areas such as artificial intelligence, intelligent transportation, smart manufacturing, smart finance, business services, medicine… Continue reading New data exchange in Canton

Shanghai improves data protection

Shanghai is raising the level of data protection in the city. A pilot program will classify and tiered data categories and develop catalogs of important data. To this end, the program will identify typical cases, develop general methods, and provide training to meet needs. The background is the Data Security Law (DSL), which includes classified… Continue reading Shanghai improves data protection

Cross-Border Data Transfer outside China: Attentive to the Rectification Period

Companies operating in China should be attentive to the Measures on Security Assessment of Cross-Border Data Transfers (Measures), published on July 7, 2022, as they take effect as early as September 1, 2022.  Among other things, the Measures require data processors to conduct a security assessment when: 1. Providing critical data outside of China. 2.… Continue reading Cross-Border Data Transfer outside China: Attentive to the Rectification Period

Compliance Requirements for Software Development Kits (SDK)

China continues to regulate the collection of private data in apps. For example, the importance of compliance with software development kits (SDKs) has increased significantly. Since June 2021, the authorities have been cracking down on the illegal use of SDKs in apps with SDK Security Special Actions. A software development kit is a collection of… Continue reading Compliance Requirements for Software Development Kits (SDK)

Establishment of Corporate IP Compliance

In the context of building a dual circulation system and creating a unified domestic market, China is guiding all enterprises to strengthen their compliance management to prevent business risks at home and abroad, promote modernization and transformation, and improve competitiveness. The compliance system is to cover areas such as market transactions, environment, human resources, finance,… Continue reading Establishment of Corporate IP Compliance

Certification for Systems of Data Security Management

The Chinese Government has been encouraging companies to have mobile app certifications for some time. Search engines and app stores are encouraged to prioritize applications from companies that have certifications. Now, enterprise data security management certification is also to be developed. In early June 2022, the General Administration of Market Supervision and the Office of… Continue reading Certification for Systems of Data Security Management

New Data Exchanges in China

On April 10, 2022, the Chinese government announced to accelerate the construction of the unified domestic market. Part of this is to also establish a data market to promote Big Data applications and AI development, focusing on data security and control of cross-border data transfer. To be allowed to provide data outside China, data processors… Continue reading New Data Exchanges in China

Data Compliance Can Prevent Penalties

Due to the three laws in the field of data – the Cyber Security Law, the Data Security Law and the Personal Information Protection Law – companies in China must set up a complete system to comply with data protection and security regulations. A good data compliance system can avoid warnings from administrative authorities during… Continue reading Data Compliance Can Prevent Penalties