Chinese state media recently reported on a data leakage case related to a high-speed rail operation involving a foreign company that has foreign government ties.

China's Ministry of Industry and Information Technology recently published a revised version of a proposed regulation governing data security in industrial and information sectors. The change, to some extent, broadens the scope of the regulation. The agency previously published the first draft last September.

Yesterday, China updated its Measures on Cybersecurity Review. The update will replace the current rules and serve as the legal basis for ongoing and future cybersecurity reviews. The new rules make it clear that companies with large amounts of personal data must file a cybersecurity review when going public overseas,

At a WTO meeting of the Council for Trade in Services on October 22, 2021, Japan and the U.S. put China's cybersecurity measures on the agenda. These two Members, along with Canada, Australia, and the EU, offered comments on the measures, expressing concern with the burdens they

On November 14, the Cyberspace Administration of China (CAC) issued a draft of the Regulations on Network Data Security (网络数据安全管理条例(征求意见稿) [http://www.cac.gov.cn/2021-11/14/c_1638501991577898.htm] (link in Chinese)). The draft is open to public comments until December 13. The draft is part of the

On October 29, the Cyberspace Administration of China (CAC) issued a draft (link in Chinese) of Measures on Security Assessment of Data Exports (数据出境安全评估办法) (unofficial English translation here). The draft is now open for public comments until November 28, 2021. The draft is formulated in accordance with China’s Data

On August 20, China’s Standing Committee of National People’s Congress passed the nation’s first Personal Information Protection Law (个人信息保护法) (PIPL) (informal English version here). It is modeled after the Europe Union's General Data Protection Regulation, and has been called by some western media “one of