A New Era of Data Compliance
数据合规的新时代
February 24, 2018 | BY
Susan MokJet Deng and Ken Dai of Dentons explain the impact of the Cybersecurity Law's data privacy and cross-border transfer rules, the commercial scope of the draft Cryptography Law, and the latest personal information infringement case rulings on businesses 大成律师事务所的邓志松律师和戴健民律师阐述了《网络安全法》中数据隐私和数据出境规定的影响、《密码法草案》的商业涵盖以及针对企业的最新个人信息侵权案裁决
1. What are the biggest challenges MNCs face with respect to complying with the new PRC Cybersecurity Law?
The concept of “critical information infrastructure” (CII) was put forward for the first time in the PRC Cybersecurity Law (CSL), which entered into force on June 1, 2017 and, among other provisions, contains restrictions on the cross-border transfer of personal information and important data collected or generated by CII operators within the territory of China. This restriction may be the biggest challenge that multinational corporations (MNCs) face with respect to complying with the CSL. Furthermore, according to the Measures for Security Assessments of the Transfer of Personal Information and Important Data Overseas (Draft for Comments) (Draft Cross-border Data Transfer Measures), a security assessment pertaining to data to be transferred abroad is required for all network operators. This means the restrictions, if enacted as drafted, will expand to beyond CII operators.
This premium content is reserved for
China Law & Practice Subscribers.
A Premium Subscription Provides:
- A database of over 3,000 essential documents including key PRC legislation translated into English
- A choice of newsletters to alert you to changes affecting your business including sector specific updates
- Premium access to the mobile optimized site for timely analysis that guides you through China's ever-changing business environment
Already a subscriber? Log In Now