On the eve of the “Golden Week” in China, the Cyberspace Administration of China (CAC) published the draft Provisions on Regulating and Promoting Cross-Border Data Transfers (the “Draft Provisions”) on 28 September 2023.1

The Draft Provisions provide a welcome rollback of some of the onerous cross-border data transfer regime, first introduced by the Personal

The Secretariat of the National Information Security Standardisation Technical Committee (TC260) released a draft revision of the Technical Specification for Certification of Cross-Border Transfers of Personal Information (Certification Specification V2.0) on 8 November 2022, nearly five months after it issued the finalised specification of the same name (Certification Specification V1.0) (see our previous Legal Update

New ‘Draft Rules for the Regulations on the Management of Human Genetic Resources’ (Draft Rules) were issued by the Ministry of Science and Technology of the PRC (MOST) on 14 March 2022.

Issued pursuant to the Biosecurity Law and the Data Security Law, the Draft Rules are a response from the government to the growing

On 24 June 2022, the Secretariat of the National Information Security Standardisation Technical Committee (TC260) issued the Technical Specification for Certification of Cross-Border Transfers of Personal Information (the Certification Specification), eight weeks after it first issued the draft of the same name (the Draft). The relatively speedy finalisation of the Certification Specification is a reflection

More than nine months after the Personal Information Protection Law (PIPL) came into force in the PRC, the Cyberspace Administration of China (CAC) issued the long-awaited Draft Provisions on Standard Contracts for the Export of Personal Information (Draft Provisions) on 30 June 2022.

The Draft Provisions supplement Article 38(3) of the PIPL, which provides that

On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued a Guidance Note on the Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data (2022 Guidance).

The 2022 Guidance is split into three “parts”:

  1. Part 1 is an introduction of the 2022 Guidance and the rationale underpinning it;
  2. Part 2

New draft Regulations on the Online Protection of Minors (Draft Regulations) were released by the Cyberspace Administration of China (CAC) on 14 March 2022. They update the 2016 Draft Regulations of the same name which were released for public comment but never adopted.

The latest Draft Regulations have been issued pursuant to the PRC Law

On 2 March 2022, the Cyberspace Administration of China (“CAC”) issued draft regulations on the administration of internet pop-up push notifications (the “Draft Regulations”). The Draft Regulations were issued pursuant to a number of laws, including the Cybersecurity Law.

The Draft Regulations bid to further tighten government control over the news followed a

In this National Cybersecurity Awareness Month conversation, Mayer Brown lawyers from our global practice will discuss the latest legal trends and developments relating to cybersecurity in China, Europe and the UK. Topics will include:

  • The implications for international businesses seeking to comply with China’s new Data Security Law and Personal Information Protection Law in combination

On 20 August 2021, China’s much anticipated Personal Information Protection Law (PIPL) was passed. The new law will come into force on 1 November 2021. The PIPL, Cybersecurity Law and the new Data Security Law (which came into force on 1 September 2021) now form the main legal framework governing data security and the handling