China's PIPL mirrors the GDPR in terms of many of its core requirements and penalties, but some requirements are nuanced and and may require a refresh review of the existing company policies and procedures, which may create additional operational burdens.
A leading lobbying group in the Asia Pacific region is raising a warning about China's new proposed cyber security rules for financial firms, sending a letter to the China Securities Regulatory Commission.
When athletes arrive at the 2022 Winter Olympics they will be required to download an app called MY2022. Meant for contact tracing purposes, it will be packed with some unexpected extras: security flaws and possible censorship features.
China has announced new requirements for companies that might pose a "national security" threat, chiefly those that have large stockpiles of personal data that might wind up being transferred overseas.
China’s Personal Information Protection Law (“PIPL”) is now in effect, prompting a surge in hiring for DPOs. What was once a security-oriented role for DPOs in China has been elevated to serve the critical oversight function of ensuring organizational compliance with PIPL.
Alibaba's security team was the first to discover the Log4j vulnerability. Though Alibaba Cloud was not compromised, the company is nevertheless facing consequences for failing to notify Chinese regulators within two days as required by new laws passed in September 2021.
Recently, China’s new Personal Information Protection Law (PIPL) went into effect. The question now is what does this mean for the future of data protection policy, and perhaps more importantly, the lack of a comprehensive U.S. policy?
One of China's biggest tech companies has been told to pause any rollout of new apps. Tencent is now subject to added scrutiny from the government after multiple instances of running afoul of the country's new data laws.
If the new rules are approved, a broad range of Chinese companies will be subject to screening of data transfers that involve personal information or pertain to critical infrastructure.
China’s new GDPR-style data protection law does almost nothing to curb the state's unfettered access to data stored within the country, but does sharply limit the ways in which tech firms can handle and share it.