On May 16, 2022, the U.S. Department of State, U.S. Department of Treasury, and the Federal Bureau of Investigation issued combined guidance on efforts by North Korean nationals to secure freelance engagements as remote information technology workers by posing as non-North Korea nationals.
Continue Reading U.S. Issues Guidance to Companies Warning of Cybersecurity and Sanctions Risks Posed by IT Workers Directed by North Korea

The Cyberspace Administration of China released for public comment the draft Regulations on Network Data Security Management. The Draft Regulations are intended to implement portions of three existing laws: the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law. In this blog entry, we discuss several of the key areas addressed by the Draft Regulations.
Continue Reading China Releases Draft Regulations on Network Data Security Management

On October 29, 2021, the Cyberspace Administration of China released for public comment Draft Measures on Security Assessment of Cross-border Data Transfer. The CAC issued the Draft Measures three days before the November 1, 2021 effective date of the Personal Information Protection Law.
Continue Reading China Issues Draft Measures on Security Assessment of Cross-border Data Transfer

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has submitted its response to the Standing Committee of the National People’s Congress of the People’s Republic of China on the updated version of the Draft Personal Information Protection Law.
Continue Reading CIPL Submits Comments on China’s Updated Draft Personal Information Protection Law

On April 29, 2021, China issued a second draft version of the Data Security Law (“Draft DSL”). The Draft DSL will be open for public comments until May 28, 2021.

While the framework of this version of the Draft DSL is the same as the prior version issued on July 3, 2020, below we summarize the material changes in the second version of the Draft DSL.
Continue Reading China Issues the Second Version of the Draft of Data Security Law for Public Comments

The National Information Security Standardization Technical Committee of China has published a draft standard on Security Requirements of Facial Recognition Data. The Standard, which is non-mandatory, details requirements for collecting, processing, sharing and transferring data used for facial recognition.
Continue Reading China Publishes Draft Security Standard on Facial Recognition

China’s State Administration for Market Regulation has recently issued Measures for the Supervision and Administration of Online Transactions. The Measures implement rules for the E-commerce Law of China and provide the specific rules for addressing registration of an online operation entity, supervision of new business models (such as social e-commerce and livestreaming), platform operators’ responsibilities, protection of consumers’ rights and protection of personal information.
Continue Reading China Issues the Measures for the Supervision and Administration of Online Transactions