On 11 April 2017 the Cyberspace Administration of China published a circular calling for comments on its draft Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures (the Draft Export Review Measures). Public comments are open through 11 May 2017.
The main legislative purpose of the Draft Export Review Measures is to clarify the process and requirements relating to the data localisation provisions in the Cyber Security Law, one of the most controversial aspects of the law. While the Draft Export Review Measures do add a significant level of implementing detail as to the practicalities of compliance, we expect that for many multinational corporations with operations in, or doing business with, China, the nature of the clarifications do not go in the direction that they would have wanted. In particular, the Draft Export Review Measures include a significant expansion of the scope of the localization measure, potentially applying to all businesses collecting data in China.
Hogan Lovells has released a guide highlighting the key provisions in the Draft Export Review Measures, including an overview of the significant points for commentary. The full guide is available here. Please refer to the contacts at the end of the guide for related inquiries.