Law.com Subscribers SAVE 30%

Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.

Enforcement Update: U.S. Courts Demonstrate Reluctance to Extend Application of Chinese Data Security and Privacy Laws In Civil Discovery

By Jeff Pade and Lindsey Dieselman
June 01, 2022

Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data to foreign enforcement and judicial authorities. As an initial matter, U.S. courts have limited the application of these laws and have continued to rely upon international comity analysis in compelling the production of responsive documents in civil discovery. However, U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.

|

The Data Security Law and the Personal Information Protection Law

The DSL and PIPL serve to create the framework for China's data protection regime and implement "stringent supervision and data processing duties on data processors and enforcement agencies."

The Standing Committee of the National People's Congress (NPCSC) adopted the DSL on June 10, 2021, effective Sept. 1, 2021. In general, the DSL governs data processing and management activities, including the collection, storage, use, processing, transmission, provision, and disclosure of data. See, DSL, Article 3. Importantly, however, the DSL also contains provisions regulating cross-border data transfers to foreign judicial or enforcement authorities. Specifically, Article 36 of the DSL establishes that the "competent authority" shall handle data requests made by foreign judicial or law enforcement organizations in accordance with existing laws and international treaties. (The "competent authority" references the PRC authority charged with overseeing relevant international agreements or treaties. However, the DSL does not provide additional guidance about who the "competent authority" would be in the case of a data request made by a foreign authority that does not have an MLAT with China.) Article 36 also prohibits Chinese organizations and individuals from providing data stored within the People's Republic of China (PRC) to foreign judicial or law enforcement organizations without the prior approval of the competent authority. Although the DSL provides no additional details about that approval process, the law imposes penalties for violators involving fines up to RMB 10 million and the potential suspension or revocation of business licenses for violators that breach the national core data management system, endanger national sovereignty, or implicate national security and development interests. See, DSL, Article 45.

This premium content is locked for Entertainment Law & Finance subscribers only

  • Stay current on the latest information, rulings, regulations, and trends
  • Includes practical, must-have information on copyrights, royalties, AI, and more
  • Tap into expert guidance from top entertainment lawyers and experts

For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473

Read These Next
'Huguenot LLC v. Megalith Capital Group Fund I, L.P.': A Tutorial On Contract Liability for Real Estate Purchasers Image

In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.

Strategy vs. Tactics: Two Sides of a Difficult Coin Image

With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.

CoStar Wins Injunction for Breach-of-Contract Damages In CRE Database Access Lawsuit Image

Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.

Fresh Filings Image

Notable recent court filings in entertainment law.

The Article 8 Opt In Image

The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.