Shanghai is raising the level of data protection in the city. A pilot program will classify and tiered data categories and develop catalogs of important data. To this end, the program will identify typical cases, develop general methods, and provide training to meet needs. The background is the Data Security Law (DSL), which includes classified… Continue reading Shanghai improves data protection
Due to the three laws in the field of data – the Cyber Security Law, the Data Security Law and the Personal Information Protection Law – companies in China must set up a complete system to comply with data protection and security regulations. A good data compliance system can avoid warnings from administrative authorities during… Continue reading Data Compliance Can Prevent Penalties
On November 1, 2022, the national standard GB/T 41391-2022 “Information Security Technology Basic Requirements for Mobile Internet Applications (Apps) Collecting Personal Information,” published in April, will come into force. It applies to all app operators in China and is intended to regulate personal information collection activities. This standard is relevant to all companies that operate… Continue reading New Specifications: IT Security of Apps in China
For some time now, CIOs around the world have been busy fixing the Log4j2 vulnerability. From a technical perspective, there are solutions such as patches and system upgrades. However, vulnerability management is not just a technical issue in China; there are also legal requirements that companies must meet. For example, service providers are required by… Continue reading Legal Requirements for Vulnerability Management
China continues to strengthen its control of operators of large Internet platforms. In addition to the regulation on the use of algorithms to influence user behavior, such as recommendation algorithms, which will come into force on March 1, 2022, the Cybersecurity Review Measures will come into force on February 15, 2022. In addition to operators… Continue reading Measures of the Cyber Security Review
With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved
Chatbots are popular in China and are part of everyday digital life. They can be found in business as well as in society, for example in customer service or as social chatbots, a kind of virtual friend of the user. One example is the app XiaoIce, which now has more than 40 million registered users… Continue reading Is Your Personal Data Safe with Chatbots?
In just two days, Didi, China’s largest service platform for private car ride-hailing, has gone from investor darling to the first major case of a cybersecurity review by the Chinese government against a company after a stellar IPO on Wall Street. One of the bases of this review is the Measures for Cybersecurity Review 2020,… Continue reading Cybersecurity Review: Didi Is Not the Last Company
The Data Security Law (DSL), which further strengthens China’s regulation of data security, will come into effect on September 1, 2021. The critical question for foreign companies is to what extent they will be affected by the DSL. The crux of the matter here is the so-called “important data.” This special category of data is… Continue reading DSL: What is “Important Data”?
China is increasingly cracking down on illegal deepfakes – fake digital representations of people in image, video or audio formats created using artificial intelligence for the purpose of deception. The counterfeiter usually collects facial or body data of a person in the form of images and uploads them to an AI algorithm. This processes the… Continue reading China Fights Misleading through Deepfakes