On June 1, 2017, the Cybersecurity Law of the People’s Republic of China went into effect. The new law standardizes the collection and protection of personal information; institutes security requirements for network operators; regulates “critical information infrastructure” operators (in industries such as finance and communications); restricts transfer of personal information and business data overseas; and prescribes penalties. Of particular concern for foreign companies deemed to be critical information infrastructure operators in China are the requirements both to store the information locally as well as to pass government security checks for any overseas transfer of information.
For more information, visit the IAPP Resource Center.
Back to News and Information