China’s Personal Data Law – Legal and Practical Assessment of Compliance Risk
By:
The implementation of the Personal Information Protection Law (“PIPL”) in 2021 establishes a legal framework that regulates the collection of personal information (“PI”) in China, applying to both foreign and domestic companies. The law also governs the cross-border transfer (or export, used interchangeably) of PI and has extraterritorial effects. Foreign companies processing Chinese PI from their home countries are subject to PIPL’s scrutiny, requiring them to either establish an entity in China or designate a Chinese representative. This local entity or representative must comply with PIPL requirements and register with the Cyberspace Administration of China (“CAC”).
Article 38 of PIPL outlines the obligations for companies exporting PI, whether belonging to Chinese or foreign nationals. Companies must choose one of the following options:
a) Successfully undergo a security assessment by CAC. b) Enter into a standard contract with the overseas PI recipient, filing it along with a PI Protection Impact Assessment at the provincial level CAC. c) Obtain certification from an accredited institution.
According to the Measures for Security Assessment of Data Cross-border Transfer, data processors meeting specific criteria, such as those transferring important data, serving as key information infrastructure operators, or handling PI for over 1 million people, must opt for security assessments (Option a). Options b and c are not available for entities meeting these criteria. Additionally, these security assessments apply to data processors exporting PI of over 100,000 subjects or Sensitive PI of over 10,000 subjects since January 1st of the previous year…
Featured News
Nvidia and Microsoft Sued for Allegedly Undercutting AI Technology Patent Prices
Sep 5, 2024 by
CPI
White & Case Strengthens Antitrust and M&A Practices with New Partner Additions
Sep 5, 2024 by
CPI
Federal Judge Dismisses Antitrust Lawyers’ Fee Demand Over JetBlue-Spirit Deal
Sep 5, 2024 by
CPI
Boston Landlords Named as US Sues RealPage Over Alleged Rent-Inflating Practices
Sep 5, 2024 by
CPI
Judge to Weigh Landmark NCAA Settlement Proposal in Antitrust Lawsuit
Sep 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Canada & Mexico
Sep 3, 2024 by
CPI
Competitive Convergence: Mexico’s 30-Year Quest for Antitrust Parity with its Northern Neighbor
Sep 3, 2024 by
CPI
Competition and Digital Markets in North America: A Comparative Study of Antitrust Investigations in Mexico and the United States
Sep 3, 2024 by
CPI
Recent Antitrust Development in Mexico: COFECE’s Preliminary Report on Amazon and Mercado Libre
Sep 3, 2024 by
CPI
The Cost of Making COFECE Disappear
Sep 3, 2024 by
CPI