Navigating China’s new cross-border data transfer rules
The tightening of data flow policies in China spells implications beyond those for multinationals operating in the country
AS GLOBAL digital economy integration deepens, China is tightening cross-border data transfers through new regulations.
China recognises the importance of data in driving domestic economic growth. In December 2022, the Central Committee of the Chinese Communist Party and the State Council reaffirmed data to be a new type of production factor and encouraged data sharing to unleash its full economic value. But cross-border data transfers are subject to strict controls.
The latest addition to China’s regulatory framework is the updated Security Certification Specifications released on Dec 16, 2022, setting the standards for agencies certifying companies’ cross-border data transfers. Earlier on Sep 1, 2022, the Measures for Data Export Security Assessment took effect, regulating when companies must undergo a security assessment with China’s cyberspace authority. Both regulations pertain to Article 38 of China’s Personal Information Protection Law (PIPL) passed in 2021, which stipulates the conditions for exporting data abroad.
Decoding Asia newsletter: your guide to navigating Asia in a new global order. Sign up here to get Decoding Asia newsletter. Delivered to your inbox. Free.
Share with us your feedback on BT's products and services
