The Cyber Security Law from an Enterprise Perspective
#China
Along with the development of big data and cloud computing, the speed of information transmission has become more and more prominent, and the difficulty of cyber security and personal information protection has also increased. The Cyber Security Law of the People’s Republic of China (hereinafter referred to as the “Cyber Security Law”) is the first basic law to comprehensively regulate the security management of cyberspace in mainland China. Since its implementation, it has had a profound impact on the cybersecurity systems of enterprises.
Cyber Security
According to the main body regulated by the Cyber Security Law, almost all enterprises that “construct, operate, maintain and use the network” in China are covered. The term “enterprise” within the legislation does not distinguish between domestic and foreign enterprises, therefore, Chinese-funded enterprises and foreign-funded enterprise, as long as the enterprise “constructs, operates, maintains, and uses the network” in China, shall comply with the provisions of the Cyber Security Law . Taking a multinational enterprise that regularly processes and cross-border transmission of customer personal information as an example, it is necessary to pay attention to fulfilling compliance obligations related to the protection of personal information.
Cyber Security
First of all, relevant multinational enterprises should clarify the definition of “personal information.” For example, the information of specific clients collected by enterprises for business development may be regarded as “personal information” as they can identify “specific individuals” from such data.
Secondly, enterprises should formulate a strict system of personal information collection and use. The means of obtaining, usage, and storage of clients’ personal information shall be considered by the enterprise. It is important to obtain the authorization of the information subject, especially, in situations where the transfer of user information is from China to overseas, the situation of the party receiving the information overseas should also be disclosed to the information subject in a timely manner.
Cyber Security
It is recommended that relevant enterprises develop operational guidelines for the cross-border transmission of information and data, clarify the main responsibilities for the cross-border transmission of personal information, and strictly prohibit individuals who are not related to the business from contacting and transmitting personal information overseas in order to avoid possible legal risks.
Therefore, considering the above-mentioned scenario, we should suggest relevant investment enterprises to, while conducting cross-border investment business, take the provisions of personal information protection into account and understand the provisions of the Cyber Security Law in order to avoid potential compliance risks.
The Shanghai Municipal Bureau of Justice issued on 13 June 2024 and entered into force on 1 August 2024 the Measures for the Promotion of Ad Hoc Arbitration in Shanghai for Foreign-related Matters in Commercial and Maritime Fields (For Trial Implementation) which refers to Ad Hoc Arbitration Measures in this article. For most people, ad
As a key city in Northern China, Tianjin has successfully attracted significant foreign investment due to its unique geographical location, abundant resources, and supportive legal policies. The latest policies concerning Tianjin, in particular, offer even greater development potential and opportunities for foreign investment in China. I. Recent Policies Create New Opportunities for Foreign Investment II.
In order to implement the requirements of the State Council’s Action Plan for Promoting Large-scale Equipment Renewal and Trade-in of Consumer Goods (Guo Fa [2024] No. 7), the Shanghai Municipal People’s Government released the “Shanghai Action Plan for Promoting Large-scale Equipment Update and Consumer Goods Exchange for New (2024-2027)”(“Action Plan”) on April 30, 2024. According
#China
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.