Data Compliance Can Prevent Penalties

Due to the three laws in the field of data – the Cyber Security Law, the Data Security Law and the Personal Information Protection Law – companies in China must set up a complete system to comply with data protection and security regulations. A good data compliance system can avoid warnings from administrative authorities during… Continue reading Data Compliance Can Prevent Penalties

New Specifications: IT Security of Apps in China

On November 1, 2022, the national standard GB/T 41391-2022 “Information Security Technology Basic Requirements for Mobile Internet Applications (Apps) Collecting Personal Information,” published in April, will come into force. It applies to all app operators in China and is intended to regulate personal information collection activities. This standard is relevant to all companies that operate… Continue reading New Specifications: IT Security of Apps in China

Legal Requirements for Vulnerability Management

For some time now, CIOs around the world have been busy fixing the Log4j2 vulnerability. From a technical perspective, there are solutions such as patches and system upgrades. However, vulnerability management is not just a technical issue in China; there are also legal requirements that companies must meet.  For example, service providers are required by… Continue reading Legal Requirements for Vulnerability Management

Measures of the Cyber Security Review

China continues to strengthen its control of operators of large Internet platforms. In addition to the regulation on the use of algorithms to influence user behavior, such as recommendation algorithms, which will come into force on March 1, 2022, the Cybersecurity Review Measures will come into force on February 15, 2022. In addition to operators… Continue reading Measures of the Cyber Security Review

Data Export Security Assessment: All Data Processors Are Involved

With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved

Is Your Personal Data Safe with Chatbots?

Chatbots are popular in China and are part of everyday digital life. They can be found in business as well as in society, for example in customer service or as social chatbots, a kind of virtual friend of the user. One example is the app XiaoIce, which now has more than 40 million registered users… Continue reading Is Your Personal Data Safe with Chatbots?

Cybersecurity Review: Didi Is Not the Last Company

In just two days, Didi, China’s largest service platform for private car ride-hailing, has gone from investor darling to the first major case of a cybersecurity review by the Chinese government against a company after a stellar IPO on Wall Street. One of the bases of this review is the Measures for Cybersecurity Review 2020,… Continue reading Cybersecurity Review: Didi Is Not the Last Company

DSL: What is “Important Data”?

The Data Security Law (DSL), which further strengthens China’s regulation of data security, will come into effect on September 1, 2021. The critical question for foreign companies is to what extent they will be affected by the DSL. The crux of the matter here is the so-called “important data.” This special category of data is… Continue reading DSL: What is “Important Data”?

China Fights Misleading through Deepfakes

China is increasingly cracking down on illegal deepfakes – fake digital representations of people in image, video or audio formats created using artificial intelligence for the purpose of deception. The counterfeiter usually collects facial or body data of a person in the form of images and uploads them to an AI algorithm. This processes the… Continue reading China Fights Misleading through Deepfakes

China Restricts Tesla Driving Permits for Civil Servants

After Tesla was first targeted by the Chinese government earlier this year over allegations of quality shortcomings, the successful e-car manufacturer is now in the spotlight over espionage allegations and threats to national security. According to recent reports, military personnel, government officials, and employees of large state-owned enterprises are no longer allowed to use Tesla-branded… Continue reading China Restricts Tesla Driving Permits for Civil Servants