Arendse Huld writes:
China has been expanding its legal framework for cybersecurity and data protection in recent years, with further advancements seen in 2023. This year witnessed the refinement of legal requirements governing the procedures to export personal information (PI), bringing further clarity to the responsibilities and accountabilities of companies.
At the same time, 2023 may have seen China’s cybersecurity authorities walk back some of the requirements placed on companies, in particular for cross-border data transfer (CBDT). Stringent CBDT restrictions have posed challenges for multinational corporations and foreign-invested enterprises (FIEs), potentially acting as barriers to increased foreign investment.
In an effort to improve the environment for foreign businesses, China’s cybersecurity authorities have recently proposed to ease the requirements imposed on companies regarding CBDT. By revisiting and modifying certain CBDT requirements, China is signaling its commitment to striking a balance between data security and facilitating smoother cross-border business operations. These proposed changes represent a pivotal step towards building a more dynamic and investor-friendly cybersecurity framework.
Read more at China Briefing.
Image by wirestock on Freepik