Politics of the Common Good: What Companies Need to Watch Out For

A policy change is underway in China that is causing foreign companies to strategically reevaluate how they do business. The goal of the new policy is to strengthen the common good through more intensive control of markets. The relevant document is the Opinions on Accelerating the Construction of a Single National Market of China of… Continue reading Politics of the Common Good: What Companies Need to Watch Out For

App Certification in China

There are various certifications in China for protecting personal data in apps. The most important is the App Security Certification of the China Cybersecurity Review Technology and Certification Center (CCRC). It applies to apps of all service types, for example, apps developed and used in the smart home sector. However, there is one important requirement… Continue reading App Certification in China

Important Data in Industry and Information Technology

The Data Security Law (DSL) requires companies to categorize their data as “general data,” “important data,” and “core data.” Which data falls into these categories varies from industry to industry. The definition of important data for the automotive industry has received the most attention so far, and also for the financial industry a detailed explanation… Continue reading Important Data in Industry and Information Technology

Data Protection: Obstacle to the Digital Economy?

There are new proposals for data management and cross-border data transfer. For example, the issues of data ownership, use, processing and control should be clarified. Data privacy, trade secrets and national security should be regulated in certain use scenarios such as Big Data marketing, corporate data sharing and cross-border data flows. Regulation of cross-border data… Continue reading Data Protection: Obstacle to the Digital Economy?

National Standard Provides Insight into Future Data Requirements

The requirements of the internationally widely discussed Data Security Law (DSL, effective since Sep 1, 2021) are a challenge for many companies operating in China. To establish a hierarchical protection system for data classification, China’s National Information Security Standardization Technical Committee has issued the National Standard – Guide for Important Data Identification (Draft, hereinafter referred… Continue reading National Standard Provides Insight into Future Data Requirements

Cyber Security and Data Protection: What’s in Store for 2022?

The year 2021 was – not only, but also – a turbulent year in the areas of cyber security and data protection in China. In addition to increased enforcement of the Multi-Level Protection Scheme (MLPS) in China, the implementation of which has been legally binding for companies in China since 2017 (see our webinars), many… Continue reading Cyber Security and Data Protection: What’s in Store for 2022?

Important Data: More Duties for Processing

China is fleshing out its data protection rules. The Network Data Security Management Regulation (Draft for Comments), published in November 2021, provides more detailed guidance regarding the obligations of processors of important data. Data is divided into general data, important data, and national core data. Important data refers to data that may jeopardize national security… Continue reading Important Data: More Duties for Processing

Information on Important Data in China

According to the Measures on Data Export Security Assessment (Draft for Comments) and Network Data Security Management Regulation (Draft for Comments), important data and the obligations of important data processors are explained as follows:China defines critical data very broadly. Important data is data that may jeopardise national security or the public interest if it is… Continue reading Information on Important Data in China

Data Export Security Assessment: All Data Processors Are Involved

With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved

Patents and Data: Extraterritorial Effect of Chinese Laws

China’s Five-Year Plan calls for the development of a Chinese-style socialist rule of law that also has an impact abroad. The country is to distinguish itself as a first-choice jurisdiction for resolving cross-border disputes and promote the application of Chinese law abroad. International legal and regulatory norms should be amended and the Chinese legal system… Continue reading Patents and Data: Extraterritorial Effect of Chinese Laws