Important Data in Industry and Information Technology

The Data Security Law (DSL) requires companies to categorize their data as “general data,” “important data,” and “core data.” Which data falls into these categories varies from industry to industry. The definition of important data for the automotive industry has received the most attention so far, and also for the financial industry a detailed explanation… Continue reading Important Data in Industry and Information Technology

National Standard Provides Insight into Future Data Requirements

The requirements of the internationally widely discussed Data Security Law (DSL, effective since Sep 1, 2021) are a challenge for many companies operating in China. To establish a hierarchical protection system for data classification, China’s National Information Security Standardization Technical Committee has issued the National Standard – Guide for Important Data Identification (Draft, hereinafter referred… Continue reading National Standard Provides Insight into Future Data Requirements

Information on Important Data in China

According to the Measures on Data Export Security Assessment (Draft for Comments) and Network Data Security Management Regulation (Draft for Comments), important data and the obligations of important data processors are explained as follows:China defines critical data very broadly. Important data is data that may jeopardise national security or the public interest if it is… Continue reading Information on Important Data in China

Data Export Security Assessment: All Data Processors Are Involved

With the enactment of China’s Cybersecurity Law (CSL), Data Security Law (DSL), and Personal Information Protection Law (PIPL), security management and assessment of cross-border data transfer became a key issue. Following these three laws, China’s Cyberspace Administration (CAC) published the Measures on Data Export Security Assessment (Draft for Comments) on October 29, 2021, which provides… Continue reading Data Export Security Assessment: All Data Processors Are Involved

Patents and Data: Extraterritorial Effect of Chinese Laws

China’s Five-Year Plan calls for the development of a Chinese-style socialist rule of law that also has an impact abroad. The country is to distinguish itself as a first-choice jurisdiction for resolving cross-border disputes and promote the application of Chinese law abroad. International legal and regulatory norms should be amended and the Chinese legal system… Continue reading Patents and Data: Extraterritorial Effect of Chinese Laws

Cybersecurity Review: Didi Is Not the Last Company

In just two days, Didi, China’s largest service platform for private car ride-hailing, has gone from investor darling to the first major case of a cybersecurity review by the Chinese government against a company after a stellar IPO on Wall Street. One of the bases of this review is the Measures for Cybersecurity Review 2020,… Continue reading Cybersecurity Review: Didi Is Not the Last Company

DSL: What is “Important Data”?

The Data Security Law (DSL), which further strengthens China’s regulation of data security, will come into effect on September 1, 2021. The critical question for foreign companies is to what extent they will be affected by the DSL. The crux of the matter here is the so-called “important data.” This special category of data is… Continue reading DSL: What is “Important Data”?

China’s New Data Protection Law Requires More Compliance

The National People’s Congress presented the draft for the new Data Security Law (DSL) in July 2020. In contrast to the Cyber Security Law (CSL), which has been in force since 2017, the Data Security Law will regulate all data activities within the country. The scope of the new DSL law is thus exceptionally broad:… Continue reading China’s New Data Protection Law Requires More Compliance