Data Privacy & Security

China proposes more stringent rules on export of personal information

As part of the Cyberspace Administration of China (CAC)’s recent push to accelerate formulation of the implementation rules of the China Cybersecurity Law (CSL), it published the draft Measures for Security Assessment of Export of Personal Information (for public consultations) on 13 June 2019 (“Draft Security Assessment Measures”).

As the CAC appears to propose adopting two separate sets of rules and requirements on the security assessment of outbound provision of personal information and important data, the Draft Security Assessment Measures introduce sweeping requirements where a two-step security assessment process (including CAC’s security assessment review) would be applicable to all outbound flows of personal information from network operators in China to foreign data recipients.

For more please download a copy of our client alert available here.