(By Gao Tianyi and You Yunting) China’s legal system for dealing with data security and personal information protection standards has been established*, but more detailed rules and standards are in the process of being formulated. This article will mainly discuss the new requirements for, and new changes in, data localization and compliance management regarding cross-border data transfers.

The analysis shows that those who use data from China should keep abreast of changes in policy orientation within the country, in order to avoid potential regulatory risks.