New Security Assessment for Cross-Border Data Transfer
July 29, 2022 | BY
Susan MokJianwei (Jerry) Fang and Runyang Liu of Zhong Lun Law Firm discuss the newly released rules for the transfer of data overseas and the compliance requirements provided by the Cyberspace Administration of China.
Summary
|
- The Measures mandate a self-evaluation and application for a CAC-led security assessment for certain types of overseas data transfer.
- The assessment must be completed within 45 business days upon CAC's issuance of the written acceptance notice and is subject to an unspecified extension if necessary.
- A data transfer contract is required to be included in the security assessment application.
On July 7, 2022, the Cyberspace Administration of China (CAC) released the Measures for the Security Assessment of Overseas Transfer of Data (the "Measures"), which will take effect on Sept. 1, 2022. Entities that seek to transfer data overseas may be subject to a security assessment if they fall within the circumstances provided for under the Measures.
A data processor must first conduct a self-evaluation of risks associated with the overseas provision of data before applying for a CAC-led security assessment
This premium content is reserved for
China Law & Practice Subscribers.
A Premium Subscription Provides:
- A database of over 3,000 essential documents including key PRC legislation translated into English
- A choice of newsletters to alert you to changes affecting your business including sector specific updates
- Premium access to the mobile optimized site for timely analysis that guides you through China's ever-changing business environment
Already a subscriber? Log In Now