Skip to Content

Reed Smith LLP

Professionals
Find Our People
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
Featured

Cheng, Cue named among top lawyers for DeSPAC transactions

Cheng and Cue recognized for acumen in transactions where private companies go public by merging with special-purpose acquisition companies

Advanced People Search
Capabilities
Industries

Energy & Natural Resources

Entertainment & Media

Financial Services

Health Care

Life Sciences

Other Industries

Transportation
Services

Corporate

Emerging Technologies

Environmental, Social & Governance (ESG)

Finance

Intellectual Property

Labor, Employment & Benefits

Litigation & Dispute Resolution

Managed Care

On Chain: Crypto and Digital Assets

Private Equity

Real Estate

Regulatory & Investigations

Restructuring & Insolvency

Retail and Consumer Goods

Tax, Private Client Services and Executive Compensation
Business Teams

Africa

Australia

Commonwealth of Independent States

India

Indonesia

Israel

Japan

Korea

Latin America

Nordic
Featured

PitchBook: Reed Smith leads on PE transactions in healthcare

Firm advises private equity funds and their portfolio companies as both acquirer and acquisition target in notable healthcare transactions

View All Capabilities
Perspectives
Locations
Empowering Innovation

ABOUT
NEWS
EVENTS

CONTACT / SUBSCRIBE
ALUMNI
CAREERS

DIVERSITY, EQUITY & INCLUSION
WOMEN'S INITIATIVE NETWORK (WINRS)
PRO BONO
RESPONSIBLE BUSINESS

EN
DE
ES
FR
中文

How Can We Help?

Skip to Content

2 January 2018 The Recorder

Cross-Border Data Transfers: CSL vs. GDPR

Helping in-house counsel with GDPR exposure to prepare for the data-transfer requirements of China’s Cybersecurity Law (CSL)

Home Perspectives Cross-Border Data Transfers: CSL vs. GDPR

As multinational companies wrap up compliance preps for the EU’s General Data Protection Regulation (GDPR), China’s Cybersecurity Law (CSL) takes center stage presenting new challenges. Although CSL took effect on June 1, 2017, the compliance deadline for the most controversial cross-border data transfer requirement is deferred until Dec. 31, 2018. Companies deemed “network operators” are required to conduct a security assessment if they transfer personal information or important data collected or generated in China to a foreign party. While CSL’s security assessment regime remains under development and the draft bears superficial resemblance to GDPR, the Chinese legislative and enforcement styles create confusion, and sometimes false hopes, for western companies. This article sheds light for in-house counsel with GDPR exposure on how to prepare for CSL’s data transfer requirement.

Hands behind a digital globe

The Data Transfer Requirements under CSL and GDPR

Article 37 of CSL initially requires that operators of critical information infrastructure (CII) store personal information and important data collected or generated in China within the territory of China, and conduct a security assessment if such data needs to be provided to a foreign party. Article 2 of the draft Measures later issued by the Cyberspace Administration of China (CAC) expanded the assessment requirement from CII operators to “network operators.”

CII operators refer to companies in critical sectors such as radio, television, energy, transportation, water conservancy, finance, and others that “will result in serious damage to state security, the national economy and the people’s livelihood and public interest if it is destroyed, loses function or encounters data leakage.” The much broader category, “network operators,” refers to “owners, operators, and service providers of computer networks.”

Download the PDF below to learn more!

Share Tools

Share on Facebook
Share on LinkedIn
Share via Email
Print This Page

Attachments

Cross-Border Data Transfers: CSL vs. GDPR.pdf

Related

Capabilities: Emerging Technologies
Offices: San Francisco

You May Be Interested

The MedTech Forum 2024

Meeting new challenges surrounding data retention

The FTC and FDA will see you now

New security requirements for connectable products in the UK: What you need to know

Reed Smith Client Alerts

YouTube
Instagram
LinkedIn
Facebook

Attorney Advertising
Legal Notices
Reed Smith Supplier Code of Conduct
Vendor Enrollment
Fraud Alert
Modern Slavery and Human Trafficking Statement

Privacy
Cookies
Accessibility

© 2024 Reed Smith LLP. All rights reserved.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.