China’s Cybersecurity Law six months on: enforcement begins but implementation ongoing
China’s new Cybersecurity Law (‘CSL’), in effect since 1 June 2017, introduced a framework for the regulation of data protection and cyber security on the Chinese mainland. Although ambiguous and far from comprehensive, the new law shows that the Chinese government is implementing far-reaching and controversial cyber and data measures that could directly impact any company doing business in China. These include domestic storage of data, restrictions on cross-border data transfers and extensive security assessments. As expected, the six months following the law’s enactment saw various CSL-related developments. We highlight implementing legislation, the first government enforcement action, the law’s ongoing controversy, and suggested measures for companies to take while the dust settles.
Any multinational company doing business in China, or depending in any way on Chinese network or data infrastructure, should take notice of the new law and the ongoing changes in the Chinese cybersecurity landscape.
Read the full English article here.