On 14 Nov. 2021, the Cyberspace Administration of China (CAC) released the proposed “Network Data Security Management Regulations (Draft for Public Comment)” (hereinafter “the Regulations”, 網絡數據安全管理條例(征求意見稿)) for public opinions through 13 Dec. 2021.
The Regulations currently comprises nine chapters and 75 articles with broad coverage of personal information protection, important data security, security management of cross-border data flows, obligations of internet platform operators, supervision, and related legal liabilities.
The Regulations applies to the processing activities of personal and organizational information outside of China, where the purpose of the processing is to provide products or services to natural persons in China, or to analyze or assess the activities of natural persons in China, or to involve the processing of important data from China, or for other purposes provided by the Regulations.
Besides, the Regulations specially stipulates “Chapter V. Data Cross-Border Security Management” to regulate the cross-border data transfer activities of data processors.
Previously, China has launched laws such as the "Network Security Law" (網絡安全法), "Data Security Law" (數據安全法), "Personal Information Protection Law" (個人信息保護法) and other supporting measures to strengthen data security management.
Cover Photo by Yubin Zhou on Unsplash
Contributors: CJO Staff Contributors Team
