PRC Cybersecurity Law

Cybersecurity Law & Personal Data Infringement Interpretation (PRC)

Introduced in 1 June 2017 by the Standing Committee of the National People's Congress (NPC), it is the first set of comprehensive legislation governing cyber security and data privacy in China. 

  • Onshore data storage requirements

  • Significant regulation for transferring data offshore

  • Individual rights including right to access information, rights to data portability, right to be forgotten and objection to direct marketing

In October 2020, the NPC released a draft of the Personal Information Protection Law (PIPL). Once it comes into force, it will be China’s first comprehensive law on the protection of personal data which binds compliance obligations previously considered recommended practice and requiring organizations to comply with additional requirements.

Want to know more or talk to one of our experts?
Contact us now!