Skip to content

China releases long-awaited data transfer rules

12 July 2022

Review your data practices now – China’s Cyberspace Administration (“CAC”) releases long-awaited rules updates

During the last two weeks, China’s Cyberspace Administration (CAC) released two significant updates to its data protection and compliance framework: the final language of the Measures for the Security Assessment of Outbound Data Transfers (“Measures”) and the draft Regulations of Standard Contracts for Cross-border Transfer of Personal Information (“SCCRs”). The Measures become effective on 1 September 2022, while the SCCs are still open for public comment until 29 July 2022.

The Measures and the SCCRs are in line with China’s years-long push towards creating a coherent, workable compliance framework for companies that need to engage in cross-border data transfers, but have been waiting for regulators to provide guidance on how they can do so in a legally compliant manner. Below are brief primers on both.

Download Briefing

Download a PDF version of ‘China releases long-awaited data transfer rules’