Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data to foreign enforcement and judicial authorities. As an initial matter, U.S. courts have limited the application of these laws and have continued to rely upon international comity analysis in compelling the production of responsive documents in civil discovery. However, U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.
|The DSL and PIPL serve to create the framework for China's data protection regime and implement "stringent supervision and data processing duties on data processors and enforcement agencies."
The Standing Committee of the National People's Congress (NPCSC) adopted the DSL on June 10, 2021, effective Sept. 1, 2021. In general, the DSL governs data processing and management activities, including the collection, storage, use, processing, transmission, provision, and disclosure of data. See, DSL, Article 3. Importantly, however, the DSL also contains provisions regulating cross-border data transfers to foreign judicial or enforcement authorities. Specifically, Article 36 of the DSL establishes that the "competent authority" shall handle data requests made by foreign judicial or law enforcement organizations in accordance with existing laws and international treaties. (The "competent authority" references the PRC authority charged with overseeing relevant international agreements or treaties. However, the DSL does not provide additional guidance about who the "competent authority" would be in the case of a data request made by a foreign authority that does not have an MLAT with China.) Article 36 also prohibits Chinese organizations and individuals from providing data stored within the People's Republic of China (PRC) to foreign judicial or law enforcement organizations without the prior approval of the competent authority. Although the DSL provides no additional details about that approval process, the law imposes penalties for violators involving fines up to RMB 10 million and the potential suspension or revocation of business licenses for violators that breach the national core data management system, endanger national sovereignty, or implicate national security and development interests. See, DSL, Article 45.
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.
The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.