• |

Feb. 2, 2022

China’s First Information Protection Law: Compliance Essentials

The long-awaited Personal Information Protection Law of the People’s Republic of China (PIPL) took effect on November 1, 2021, with guidance issued on December 31. While the law shares many similarities with the European Union’s General Data Protection Regulation (GDPR), there are unique requirements under the PIPL, and GDPR compliance does not automatically translate into compliance with the PIPL. In this guest article, Barbara Li, the data, TMT and FinTech practice lead for mainland China and Hong Kong at Rui Bai Law Firm, and Chris Cartmell, counsel at Tiang & Partners in Hong Kong, discuss the key legal requirements under the PIPL using the GDPR for comparison and offer practical compliance suggestions on collecting and processing personal information in China. See our two-part series on data security in China: “Crossing the River by Feeling the Stones (Part One of Two)” (Sept. 14, 2016); and “Performing Due Diligence and Internal Investigations (Part Two)” (Sep. 28, 2016). 

To read the full article

Continue reading your article with an ACR subscription.

Most-Read Articles

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.