Data Protection & Privacy


On 22 March 2024 at 2000 hours, the Cyberspace Administration of China (“CAC”) released the long-awaited Regulations for Promoting and Standardising Cross-Border Data Transfer (“CBDT Regs”), which took effect immediately. The CBDT Regs undo or further clarify some of the requirements under:

  • Article 38 of the Personal Information Protection Law (“PIPL

In an era dominated by digital connectivity, safeguarding the integrity of networks and information systems has become a global imperative. China, recognizing the critical importance of cybersecurity, has introduced the draft Management Measures for Cybersecurity Incident Reporting (the Measures). The Measures outline a comprehensive approach to reporting cybersecurity incidents, aiming to minimize losses, incentivize legal