On June 29, the Standing Committee of Shenzhen Municipal People’s Congress passed the Data Regulations of Shenzhen Special Economic Zone (hereafter referred to as “the Data Regulations”) (深圳经济特区数据条例 [http://www.sznews.com/content/mb/2021-07/07/content_24370464.htm?cxid=iyt&token=1625616000115] , link in Chinese). The rules

On July 18, China's Ministry of Industry and Information Technology (MIIT) issued its 6th list [https://www.miit.gov.cn/jgsj/xgj/gzdt/art/2021/art_d902f99e88ea42bab468d674bac622e1.html] in 2021 of apps that have not resolved existing problems related to user rights infringement. The list consists of 145

On July 11, the Cyberspace Administration of China (CAC) issued a draft of the revised version (the Draft) of the Measures on Cybersecurity Review (网络安全审查办法（修订草案征求意见稿）). The revision, once finalized, would serve as the legal basis for the cybersecurity reviews launched recently. The Draft solicits comments, which are due by

China has taken a series of actions recently in an effort to tighten scrutiny of the data security practices of domestic technology companies. Most prominently, the Cybersecurity Review Office (CRO) and Cyberspace Administration of China (CAC) initiated multiple cybersecurity reviews, including one on Chinese ride-hailing company Didi. These investigations all

On June 10, China’s Standing Committee of the National People’s Congress passed China’s first Data Security Law (数据安全法). The Data Security Law (the Law) was heavily influenced by the United States’ Clarifying Lawful Overseas Use of Data Act (the CLOUD Act) and the European Union’s General

On October 21, the Standing Committee of the 13th National People’s Congress reviewed and issued the draft Personal Information Protection Law ( 中华人民共和国个人信息保护法 (草案) [https://www.secrss.com/articles/26427]) to solicit public comments. Comments are due by November 19, 2020.  If passed, the law will become China’s first

On August 31, the National Information Security Standardization Technical Committee issued the Draft of Information Security Technology-Security Specification for Network Data Processing (《信息安全技术 网络数据处理安全规范》 [https://www.tc260.org.cn/front/postDetail.html?id=20200830094619]) for public comments. Comments are due by October 27, 2020. The Draft applies to network operators’