(By You Yunting) China and the US recently signed the Audit Supervision Cooperation Agreement, allowing supervisors and inspectors of the Public Company Accounting Oversight Board (PCAOB) to review audit materials of Chinese companies listed in the US in Hong Kong, including complete audit papers containing all information. According to media reports, Alibaba, JD and Yum China are the first businesses to be audited. Audit papers contain large amounts of data and personal information of domestic users (collectively “data”). I would like to discuss whether the audit paper review by the US parties is outbound data transfer and what procedures should be followed to transfer the data abroad according to Chinese laws.
(By Wang Hongliang) Just after the latest publication of my article about the compliance concerning outbound transfer of personal information, in which I referred to the Measures for Data Outbound Transfer Security Assessment (Exposure), the exposure version became official regulations on July 7th.
Accordingly, safety evaluation, the strictest way to transfer data abroad became the first one regulated in law. The Measures for Data Outbound Transfer Security Assessment is generally in the context of previous exposure versions. I would like to give a brief explanation of key points in the Rules.