China is fleshing out its data protection rules. The Network Data Security Management Regulation (Draft for Comments), published in November 2021, provides more detailed guidance regarding the obligations of processors of important data. Data is divided into general data, important data, and national core data. Important data refers to data that may jeopardize national security… Continue reading Important Data: More Duties for Processing
Category: Compliance
Data Export Security Assessment: All Data Processors Are Involved
With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved
Patents and Data: Extraterritorial Effect of Chinese Laws
China’s Five-Year Plan calls for the development of a Chinese-style socialist rule of law that also has an impact abroad. The country is to distinguish itself as a first-choice jurisdiction for resolving cross-border disputes and promote the application of Chinese law abroad. International legal and regulatory norms should be amended and the Chinese legal system… Continue reading Patents and Data: Extraterritorial Effect of Chinese Laws
The PIPL Requires Data Mapping of Personal Information
With the new Personal Information Protection Law (PIPL), the assessment of the impact on data subjects through the Personal Information Security Impact Assessment (PISIA) becomes the center of attention. PISIA assesses the legal compliance of current personal data processing, identifies the risks to data subjects, and evaluates the effectiveness of the data protection measures taken.… Continue reading The PIPL Requires Data Mapping of Personal Information
Is Your Personal Data Safe with Chatbots?
Chatbots are popular in China and are part of everyday digital life. They can be found in business as well as in society, for example in customer service or as social chatbots, a kind of virtual friend of the user. One example is the app XiaoIce, which now has more than 40 million registered users… Continue reading Is Your Personal Data Safe with Chatbots?
Who Is Operator of Critical Information Infrastructure?
Critical Information Infrastructure Operators (CIIOs) are a central and so far vague concept of China’s new cybersecurity and data protection system. With the regulations on critical information infrastructure protection (“the regulations”) that came into force on September 1, 2020, the government is now creating more transparency, but at the same time increasing the pressure on… Continue reading Who Is Operator of Critical Information Infrastructure?
Regionalization: Avoiding Loss of Control
Many international companies are currently considering regionalizing their production and upstream supply chains for specific markets to a greater extent and making their subsidiaries in different world regions more independent of each other. The goal is to secure supply chains by deepening regional value creation and to better meet regional customer needs through regionally manufactured… Continue reading Regionalization: Avoiding Loss of Control
The Personal Information Protection Law (PIPL) Challenges Companies
After three revisions, China’s Personal Information Protection Law (PIPL), which has received much attention abroad, will come into force on November 1, 2021. It comprehensively protects personal data, going beyond the European General Data Protection Regulation (GDPR) – a milestone in Chinese legal history. Take Big Data price discrimination, for example: it refers to the… Continue reading The Personal Information Protection Law (PIPL) Challenges Companies
The German Supply Chain Act Requires in China Compliance
The new German Supply Chain Act (LkSG) brings far-reaching new due diligence requirements for managers. They must strive to avoid risks related to the violation of human rights and the environment and to manage the company responsibly across borders. The law, which will apply from 2023, initially only affects German companies with more than 3,000… Continue reading The German Supply Chain Act Requires in China Compliance
Cybersecurity Review: Didi Is Not the Last Company
In just two days, Didi, China’s largest service platform for private car ride-hailing, has gone from investor darling to the first major case of a cybersecurity review by the Chinese government against a company after a stellar IPO on Wall Street. One of the bases of this review is the Measures for Cybersecurity Review 2020,… Continue reading Cybersecurity Review: Didi Is Not the Last Company
China Intellectual Property Blog 