Summary
This newsletter from Bird & Bird LLP provides the latest updates on cybersecurity and data protection developments in China, highlighting important changes in legislation, enforcement actions, and industry trends. Key areas of focus include personal information protection, data security, and cross-border data flows.
Key Points
- The National Cybersecurity Standardisation Technical Committee (TC260) has introduced national standards focused on personal information audits, automated decision making, and sensitive information processing.
- Enforcement actions by the Cyberspace Administration of China and other authorities have ramped up, particularly targeting apps that violate personal information rights.
- New compliance guidelines for cross-border data flows were issued by the People’s Bank of China, addressing lawful data export for financial institutions.
- Local governments are actively working on developing basic systems for data management, enhancing the regulatory framework to unlock data value.
- Legislative proposals include guidelines for Personal Information Protection Audits and standards for automated decision-making systems.
Why should I read this?
If you’re keeping an eye on the evolving landscape of data protection and cybersecurity in China, this article is a must-read! It lays out crucial updates that could affect how businesses operate in this complex regulatory environment. We’ve sifted through the details so you don’t have to – you’ll want to be in the know about these changes!