China’s cybersecurity and data legal developments and implications for businesses

October 2022

China is proposing amendments to its Cybersecurity Law to increase the penalties for individuals and companies. The Cybersecurity Law has been strictly enforced since it came into effect on 1 June 2017. The other key laws in this space, the Data Security Law and the Personal Information Protection Law, have also been strictly enforced by Chinese regulators since they came into effect at the end of 2021. Recent hefty penalties imposed on various companies and their management have demonstrated the robust enforcement approach taken by the regulators. Businesses should be aware of their compliance obligations in order to avoid enforcement actions.

This publication was jointly published by PwC China and Tiang & Partners.

Tiang & Partners is an independent Hong Kong law firm that closely collaborates with the global PwC network.

For further discussions, please contact Chiang Ling Li at Tiang & Partners, or PwC contacts listed below.