Yesterday, China updated its Measures on Cybersecurity Review. The update will replace the current rules and serve as the legal basis for ongoing and future cybersecurity reviews. The new rules make it clear that companies with large amounts of personal data must file a cybersecurity review when going public overseas,

At a WTO meeting of the Council for Trade in Services on October 22, 2021, Japan and the U.S. put China's cybersecurity measures on the agenda. These two Members, along with Canada, Australia, and the EU, offered comments on the measures, expressing concern with the burdens they

On November 14, the Cyberspace Administration of China (CAC) issued a draft of the Regulations on Network Data Security (网络数据安全管理条例(征求意见稿) [http://www.cac.gov.cn/2021-11/14/c_1638501991577898.htm] (link in Chinese)). The draft is open to public comments until December 13. The draft is part of the

On October 29, the Cyberspace Administration of China (CAC) issued a draft (link in Chinese) of Measures on Security Assessment of Data Exports (数据出境安全评估办法) (unofficial English translation here). The draft is now open for public comments until November 28, 2021. The draft is formulated in accordance with China’s Data

On August 20, China’s Standing Committee of National People’s Congress passed the nation’s first Personal Information Protection Law (个人信息保护法) (PIPL) (informal English version here). It is modeled after the Europe Union's General Data Protection Regulation, and has been called by some western media “one of

On July 12, China issued the Provisions on Network Product Security Vulnerability Management (《关于印发网络产品安全漏洞管理规定的通知 [https://www.miit.gov.cn/jgsj/waj/wjfb/art/2021/art_96c2d3de7a6f400ea1d8522b7893db7a.html] 》) (English translation here [https://www.chinalawtranslate.com/en/product-security-vulnerabilites/]). The document was jointly issued by the Ministry of Industry and Information Technology, the

On July 11, the Cyberspace Administration of China (CAC) issued a draft of the revised version (the Draft) of the Measures on Cybersecurity Review (网络安全审查办法（修订草案征求意见稿）). The revision, once finalized, would serve as the legal basis for the cybersecurity reviews launched recently. The Draft solicits comments, which are due by