2020 has been an active year for developments in China’s cybersecurity and data protection regimes. In this e-bulletin we highlight the major regulatory and enforcement developments during the year in three key areas:

  • Security protection, where continuous regulatory efforts have been made to supplement technical standards in order to progress the establishment of the multi-level protection scheme (MLPS), with the police taking a more active approach to inspecting compliance with the MLPS regime.
  • Data protection, where two milestone pieces of legislation, the Personal Information Protection Law and the Data Security Law, started their progress through the legislative process, and important standards on personal information protection and risk assessment were updated or released; and
  • Supply chain security, where developments have focused on establishing the regulatory framework for commercial encryption and the supply chain security of Critical Information Infrastructure.

Further details are set out here. In each case we set out a reminder of the obligations under the Cyber Security Law and provide a brief summary of the main developments during this year.

Mark Robinson
Mark Robinson
Partner, Singapore
+65 68689808
Nanda Lau
Nanda Lau
Partner, Mainland China
+86 21 2322 2117
James Gong
James Gong
Of Counsel, Mainland China
+86 10 6535 5106

 


Disclaimer

Herbert Smith Freehills LLP is licensed to operate as a foreign law practice in Singapore. Where advice on Singapore law is required, we will refer the matter to and work with licensed Singapore law practices where necessary.