Using and disclosing personal information illegally in China can result in administrative penalties and criminal liability can be pursued. The Personal Information Protection Law (‘PIPL’), the Personal Information Security Specification (‘Specification’), and the Guide to Security Protection of Personal Information Online (‘Guide’) were adopted on 1 November 2021, 6 March 2020, and April 10, 2019,…
Read moreCategory: Cyber & Data Security
CHINA | Going Live from 1 September: Measures for the Security Assessment of Outbound Data Transfers
Released on the 7 July 2022, the Measures for the Security Assessment of Outbound Data Transfers becomes effective from 1 September (‘Measures’). The Measures published by the Cyberspace Administration of China supplements the Data Security Law and Personal Information Protection Law adopted in 2021. It setts forth the security assessment obligations for companies in China…
Read more
Personal Information Protection Law ('PIPL'), effective from 1 November 2021, regulates those collecting and handling personal information. For companies processing employee data, a robust data security system should be integrated into the IT infrastructure and in line with PIPL. Whilst PIPL largely affects companies handling consumer data, employers are not immune from PIPL and should…
Read more