Shanghai improves data protection

Shanghai is raising the level of data protection in the city. A pilot program will classify and tiered data categories and develop catalogs of important data. To this end, the program will identify typical cases, develop general methods, and provide training to meet needs. The background is the Data Security Law (DSL), which includes classified… Continue reading Shanghai improves data protection

Data Compliance Can Prevent Penalties

Due to the three laws in the field of data – the Cyber Security Law, the Data Security Law and the Personal Information Protection Law – companies in China must set up a complete system to comply with data protection and security regulations. A good data compliance system can avoid warnings from administrative authorities during… Continue reading Data Compliance Can Prevent Penalties

New Specifications: IT Security of Apps in China

On November 1, 2022, the national standard GB/T 41391-2022 “Information Security Technology Basic Requirements for Mobile Internet Applications (Apps) Collecting Personal Information,” published in April, will come into force. It applies to all app operators in China and is intended to regulate personal information collection activities. This standard is relevant to all companies that operate… Continue reading New Specifications: IT Security of Apps in China

Important Data in Industry and Information Technology

The Data Security Law (DSL) requires companies to categorize their data as “general data,” “important data,” and “core data.” Which data falls into these categories varies from industry to industry. The definition of important data for the automotive industry has received the most attention so far, and also for the financial industry a detailed explanation… Continue reading Important Data in Industry and Information Technology

National Standard Provides Insight into Future Data Requirements

The requirements of the internationally widely discussed Data Security Law (DSL, effective since Sep 1, 2021) are a challenge for many companies operating in China. To establish a hierarchical protection system for data classification, China’s National Information Security Standardization Technical Committee has issued the National Standard – Guide for Important Data Identification (Draft, hereinafter referred… Continue reading National Standard Provides Insight into Future Data Requirements

Cyber Security and Data Protection: What’s in Store for 2022?

The year 2021 was – not only, but also – a turbulent year in the areas of cyber security and data protection in China. In addition to increased enforcement of the Multi-Level Protection Scheme (MLPS) in China, the implementation of which has been legally binding for companies in China since 2017 (see our webinars), many… Continue reading Cyber Security and Data Protection: What’s in Store for 2022?

Information on Important Data in China

According to the Measures on Data Export Security Assessment (Draft for Comments) and Network Data Security Management Regulation (Draft for Comments), important data and the obligations of important data processors are explained as follows:China defines critical data very broadly. Important data is data that may jeopardise national security or the public interest if it is… Continue reading Information on Important Data in China

Data Export Security Assessment: All Data Processors Are Involved

With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved

Patents and Data: Extraterritorial Effect of Chinese Laws

China’s Five-Year Plan calls for the development of a Chinese-style socialist rule of law that also has an impact abroad. The country is to distinguish itself as a first-choice jurisdiction for resolving cross-border disputes and promote the application of Chinese law abroad. International legal and regulatory norms should be amended and the Chinese legal system… Continue reading Patents and Data: Extraterritorial Effect of Chinese Laws

Is Your Personal Data Safe with Chatbots?

Chatbots are popular in China and are part of everyday digital life. They can be found in business as well as in society, for example in customer service or as social chatbots, a kind of virtual friend of the user. One example is the app XiaoIce, which now has more than 40 million registered users… Continue reading Is Your Personal Data Safe with Chatbots?