The Secretariat of the National Information Security Standardisation Technical Committee (TC260) released a draft revision of the Technical Specification for Certification of Cross-Border Transfers of Personal Information (Certification Specification V2.0) on 8 November 2022, nearly five months after it issued the finalised specification of the same name (Certification Specification V1.0) (see our previous Legal Update
New Draft Rules for Human Genetic Resources Management Issued by China
New ‘Draft Rules for the Regulations on the Management of Human Genetic Resources’ (Draft Rules) were issued by the Ministry of Science and Technology of the PRC (MOST) on 14 March 2022.
Issued pursuant to the Biosecurity Law and the Data Security Law, the Draft Rules are a response from the government to the growing…
Specification for Certification of Cross-border Transfers of Personal Information Released by China – Key Provisions and Takeaways
On 24 June 2022, the Secretariat of the National Information Security Standardisation Technical Committee (TC260) issued the Technical Specification for Certification of Cross-Border Transfers of Personal Information (the Certification Specification), eight weeks after it first issued the draft of the same name (the Draft). The relatively speedy finalisation of the Certification Specification is a reflection…
(Not So) Standard Contracts? Draft Standard Contracts Finally Released in China
More than nine months after the Personal Information Protection Law (PIPL) came into force in the PRC, the Cyberspace Administration of China (CAC) issued the long-awaited Draft Provisions on Standard Contracts for the Export of Personal Information (Draft Provisions) on 30 June 2022.
The Draft Provisions supplement Article 38(3) of the PIPL, which provides that…
Hong Kong’s 2022 Guidance on Cross-border Data Transfers – Implications for Data Users and Processors
On 12 May 2022, the Hong Kong Privacy Commissioner for Personal Data (PCPD) issued a Guidance Note on the Recommended Model Contractual Clauses for Cross-border Transfers of Personal Data (2022 Guidance).
The 2022 Guidance is split into three “parts”:
- Part 1 is an introduction of the 2022 Guidance and the rationale underpinning it;
- Part 2
Minor(s) Regulation, Major Consequences? Cyberspace Administration of China’s New Draft Regulations for Online Protection of Minors
New draft Regulations on the Online Protection of Minors (Draft Regulations) were released by the Cyberspace Administration of China (CAC) on 14 March 2022. They update the 2016 Draft Regulations of the same name which were released for public comment but never adopted.
The latest Draft Regulations have been issued pursuant to the PRC Law…
Pushing the Envelope? The CAC’s Draft Regulations on Push Notifications
On 2 March 2022, the Cyberspace Administration of China (“CAC”) issued draft regulations on the administration of internet pop-up push notifications (the “Draft Regulations”). The Draft Regulations were issued pursuant to a number of laws, including the Cybersecurity Law.
The Draft Regulations bid to further tighten government control over the news followed a…
Cyber Spotlight: Cybersecurity Developments in Europe, the UK and China
In this National Cybersecurity Awareness Month conversation, Mayer Brown lawyers from our global practice will discuss the latest legal trends and developments relating to cybersecurity in China, Europe and the UK. Topics will include:
- The implications for international businesses seeking to comply with China’s new Data Security Law and Personal Information Protection Law in combination
Dawning of a New Era: China’s Personal Information Protection Law
On 20 August 2021, China’s much anticipated Personal Information Protection Law (PIPL) was passed. The new law will come into force on 1 November 2021. The PIPL, Cybersecurity Law and the new Data Security Law (which came into force on 1 September 2021) now form the main legal framework governing data security and the handling…