A quick guide to China’s personal data protection law and data security law. 16 August 2023 Publication Print Publication Share Publication Welcome to our guide This page contains information and links to articles and resources our team has prepared on the new China data pr...
There are three major principal laws on data protection, i.e., the Cybersecurity Law (the “CSL”), the Personal Information Protection Law (the “PIPL”), and the Data Security Law (the “DSL”). 1.2 Is there any other general legislation that impacts data protection? Yes. Both the ...
ZSCALER’S COMPLIANCE WITH CHINA’S DATA PROTECTION LAWS: FREQUENTLY ASKED QUESTIONS Updated September 14, 2023 With China’s adoption in 2021 of the Personal Information Protection Law (“PIPL”) and the Data Security Law (“DSL”), as well as its approval June 1, 2023 of standard contractu...
The DSL will likely also apply to personal information, given that Article 53 of the finalised DSL states that processing of personal information will "also" need to comply with other laws and regulations. This suggests that, for one thing, processing of personal information is also covered ...
Influenced by EU’s General Data Protection Regulations (GDPR), arguably the most robust privacy and security laws in the world, China introduced its Personal Information Protection Law (PIPL) in November 2021. Like GDPR, PIPL has extraterritorial reach: its jurisdiction extends to entities outside...
The Background:In recent years, the People's Republic of China ("PRC") has implemented several significant laws governing the collection, storage, use, and transfer of data with a focus on protecting China's national security interests.
This article summarizes China’s current regulatory system of cybersecurity, data security and personal information protection based on the “Three Basic Laws”. 本文梳理了中国目前基于“三大基本法”而初步构建的网络安全、数据安全和个人信息保护监管体系。
pertaining to the transfer of their personal information and meet one of several requirements. These include agreeing to a "standard contract" issued by authorities overseeing cyberspace matters and fulfilling requirements outlined in other laws and regulations established by the authorities, the PCPD ...
. The DSL also has certain extra-territorial application which states “data handling activities conducted outside the territory of China, harming national security, public interests or legitimate rights and interests of citizens and organizations of shall be legally liable in accordance with laws”.[...
There is not a single comprehensive data protection law in the People's Republic of China (PRC). Instead, rules relating to personal information protection and data security are part of a complex framework and are found across various laws and regulations. That said, the three main pillars of...