Firstly, the most significant difference between the Official Provisions and the draft provisions for public comments is the further clarification of the distinction between sensitive and non-sensitive personal information in outbound data transfer regulation, and the adjustment of the quantity thresholds ...
This article updates USCBC’s December 2022 FAQs on China’s Cross-Border Data Transfer (CBDT) Regulation with new insights into company progress and likely enforcement patterns as the March 1 deadline approaches. This process is requ...
The New Regulations introduce exemptions to the existing filing obligations for outbound data transfer, including (1) absolute exemptions, which are exemptions applicable to all regulatory procedures for outbound data transfer, and (2) exemptions from the obligation to file a security assessment, i.e...
Between 2017 and 2021, China established the regulatory framework for outbound data transfer with the enactment of three pivotal laws: (i) theCybersecurity Law, (ii) theData Security Law, and (iii) thePersonal Information Protect...
and other relevant laws and regulations, this regulation is formulated for the implementation of data cross-border transfer security assessments, standard contracts for personal information cross-border transfer, personal information protection certification, and other related cross-border data transfer systems...
Multinational companies are generally aware of data transfer laws, but smaller ones just embarking on looking beyond country borders may not be.
China Administration of Cyberspace (CAC) officially enacted and published its new rules on data export. The new regulation, namelyMeasures on Promotion and Regulation of Cross-border Data Transfer(the “New Measures”) was published by CAC on 22 March 2024 with an immediate effect. ...
Undoubtedly, this will aid in high-quality development and serve to strongly support expansion to a higher level of international openness. Indeed, it could be said that the facilitation and regulation of cross-border flow of data is in itself a new initiative to expand international openness. ...
Detailed procedures and requirements for the security assessment can be found in the Measures for Security Assessment of Cross-border Data Transfer (《数据出境安全评估办法》), along with other supplementary documents that offer guidance on the assessment process. The regulation provides a six-month gra...
about the regulation of the useandtransferofpersonaldataincorporate mergers, Acting Deputy Privacy Commissioner for Personal Data advised that as corporate mergers were common commercial activities, the Bill proposed to exempt from Data Protection Principle 3 the transfer or disclosure of personal data for...