To support the implementation of the China Cybersecurity Law, the Cyberspace Administration of China (CAC) published the draft Measures for the Administration of Data Security (Draft data security measures) on 28 May 2019, and the draft Measures for Security Assessment on the Export of Personal Information (Draft Security Assessment Measures) on 13 June 2019.
With these two drafts, the CAC seems to be proposing separate requirements for transfers of important data and for transfers of personal information. Network operators will need to follow a different set of security assessment procedures when transferring these different types of information out of China.
Transferring important data overseas. “Important data” can be broadly defined as data that if leaked, may directly impact national security, economic security, social stability or public health and safety. Under the Draft Data Security Measures, network operators intending to transfer important data overseas must conduct a security assessment and obtain approval from the competent industry regulator or the provincial counterpart of the CAC.
Transferring personal information overseas. “Personal information” can be broadly defined as information that by itself or in combination with other information can be used to identify a person or their birthdate, identification number, physical data, address, phone number, etc.
You must be a
subscribersubscribersubscribersubscriber
to read this content, please
subscribesubscribesubscribesubscribe
today.
For group subscribers, please click here to access.
Interested in group subscription? Please contact us.
你需要登录去解锁本文内容。欢迎注册账号。如果想阅读月刊所有文章,欢迎成为我们的订阅会员成为我们的订阅会员。
