The Standing Committee of the National People’s Congress of China enacted a new Cybersecurity Law in November 2016. The final Cybersecurity Law will apply to many multinational companies starting June 1, 2017.
Under the new law, operators of key information infrastructure (which may include multinational companies) are subject to a data localization requirement, under which they must retain, within the territory of China, critical and personal information which they collect and produce during their operations in China. They may still be able to transmit this information overseas, but only after undergoing and passing a security review. In addition, when operators of key information infrastructure procure network products or services that may affect national security, a national security inspection is required. Operators of key information infrastructure will also be required to undergo a network safety assessment at least once a year.
Hunton & Williams LLP will host a webinar on China’s New Cybersecurity Law on March 7, 2017, at 12:00 p.m. EST. Join Hunton & Williams partner Bing Maisog to understand the key aspects of the new Cybersecurity Law, including data localization, technology procurement, the handling of personal information, cybersecurity compliance requirements and a potential obligation to support government agencies. Bing also will discuss categories of enterprises established under the new law, sets of obligations that apply to each category, and what kinds of enterprises are likely to fall within each category.