The Cyberspace Administration of China released the Measures for the Security Assessment of Cross-Border Data Transfer on July 7, 2022, to regulate cross-border data transfers in accordance with the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law. The measures went into effect on September 1, 2022.

The measures provide a six-month grace period from September 1, 2022, to March 1, 2023, for companies with previous cross-border data transfer activities to become compliant with the new standards. Companies with outbound data transfers should seek knowledgeable counsel to monitor the implementation and enforcement of the measures by the CAC.

Click here to read the full update.