The Chinese Cyberspace Administration has announced the Standard Contractual Measures for the Export of Personal Data. The purpose of these measures, which will take effect on June 1, 2023, is to protect the interests and rights of individuals regarding their data and to regulate the export of personal data. The Measures set out the scope,… Continue reading Export of Personal Data
Category: Cyber security
Beijing relies on data-driven growth
The Chinese Government has issued guidelines for the development of the data security sector. The goal is to increase the use of data for economic growth and improve control over data access and storage. The ultimate goal is to economically harness the potential of the vast amounts of data generated by the digital economy while… Continue reading Beijing relies on data-driven growth
Cross-Border Data Sovereignty through Key Management
Controlling cross-border data flows is part of China’s decoupling. Beijing wants to avoid losing control over data in the digital world and thus forfeiting digital sovereignty, i.e. strategic autonomy and room to maneuver. Innovative Western companies are also hesitant when it comes to cross-border digital networking with Chinese companies – for example, in the internationalization… Continue reading Cross-Border Data Sovereignty through Key Management
New measures for Data Security Management
China continues to regulate data security. The Data Security Management Measures in the Field of Industry and Information Technology, which took effect on January 1, 2023, further specify the management of the entire life cycle of data. Companies should primarily pay attention to the following four requirements: Data localization: It is not explicitly required that… Continue reading New measures for Data Security Management
Cybersecurity Law: Fines Significantly Increased
The Cybersecurity Law (CSL), China’s first fundamental law to comprehensively regulate cybersecurity issues, is about to undergo its first revision. A key feature of the proposed amendments is a significant increase in penalties for network operators and critical infrastructure operators that fail to comply with relevant cybersecurity protection obligations. For example, the fine range for… Continue reading Cybersecurity Law: Fines Significantly Increased
Security, Science and Technology
Political speeches and documents are known to provide valid clues to future developments in the PRC. Analysts therefore try to extract priorities and orientations from the phraseology, word choice, and frequency of terms related to the 20th Party Congress. In doing so, they also take into account minor changes in phrases that have appeared at… Continue reading Security, Science and Technology
New data exchange in Canton
China has launched another data exchange in Nansha, Guangzhou. So far, more than 300 traders and companies have applied to join the Data Exchange, and around 200 trading objects have already been registered. These are data products, services and capabilities in areas such as artificial intelligence, intelligent transportation, smart manufacturing, smart finance, business services, medicine… Continue reading New data exchange in Canton
Shanghai improves data protection
Shanghai is raising the level of data protection in the city. A pilot program will classify and tiered data categories and develop catalogs of important data. To this end, the program will identify typical cases, develop general methods, and provide training to meet needs. The background is the Data Security Law (DSL), which includes classified… Continue reading Shanghai improves data protection
Cross-Border Data Transfer outside China: Attentive to the Rectification Period
Companies operating in China should be attentive to the Measures on Security Assessment of Cross-Border Data Transfers (Measures), published on July 7, 2022, as they take effect as early as September 1, 2022. Among other things, the Measures require data processors to conduct a security assessment when: 1. Providing critical data outside of China. 2.… Continue reading Cross-Border Data Transfer outside China: Attentive to the Rectification Period
Compliance Requirements for Software Development Kits (SDK)
China continues to regulate the collection of private data in apps. For example, the importance of compliance with software development kits (SDKs) has increased significantly. Since June 2021, the authorities have been cracking down on the illegal use of SDKs in apps with SDK Security Special Actions. A software development kit is a collection of… Continue reading Compliance Requirements for Software Development Kits (SDK)
China Intellectual Property Blog 