China Justice Observer

中司观察

EnglishArabicChinese (Simplified)DutchFrenchGermanHindiItalianJapaneseKoreanPortugueseRussianSpanishSwedishHebrewIndonesianVietnameseThaiTurkishMalay

China Releases Specification on Security Certification for Cross-border Processing of Personal Information

Wed, 10 Aug 2022
Categories: China Legal Trends

On 24 June 2022, China’s National Information Security Standardization Technical Committee released the “Practice Guide on Cybersecurity Standards – Specification on Security Certification for Cross-border Processing of Personal Information” (网络安全标准实践指南—个人信息跨境处理活动安全认证规范, hereinafter referred to as “Practice Guide”).

According to the Personal Information Protection Law (PIPL), Chinese personal information processors who need to provide PI outside the borders of the People’s Republic of China shall undergo personal information protection certification conducted by a specialized authority.

The Practice Guide aims to provide a legal basis for the specialized authority to implement personal information protection certification, as well as a reference for personal information processors to help them regulate the cross-border processing of personal information.

The Practice Guide applies to the following circumstances:

(1) cross-border processing of personal information within multinational companies, or subsidiaries or affiliates of the same economic or business entity; and

(2) cross-border processing of personal information to which Paragraph 2 of Article 3 of the PIPL applies, i.e., “the activities of processing the personal information of natural persons in China,” including:

  • (a) activities aimed at providing products or services to natural persons in China;
  • (b) activities of analyzing or evaluating the behavior of natural persons in China; OR
  • (c) other circumstances specified in laws and regulations.

 

 

Cover Photo by Xu A on Unsplash

Contributors: CJO Staff Contributors Team

Save as PDF

You might also like

Beijing Passes Autonomous Vehicle Regulation

In December 2024, Beijing passed the "Beijing Autonomous Vehicle Regulation," effective April 1, 2025, to promote development and safety, allowing self-driving cars in taxis, buses, and more after rigorous testing.

SPC Revises Rules on Mainland China - Taiwan Judgment Recognition

China’s Supreme People’s Court (SPC) has amended regulations on the mutual recognition and enforcement of civil judgments between Mainland China and Taiwan, clarifying application procedures, exceptions, and jurisdictional conflicts, effective January 1, 2025.

China Establishes Shanghai International Commercial Court

The Shanghai International Commercial Court was established in December 2024 as a division of the Shanghai First Intermediate People’s Court, with exclusive jurisdiction over foreign-related commercial cases and arbitration judicial review, along with newly released jurisdictional regulations and model clauses.

SPC Issues Guiding Cases on Gig Worker Protection

In December 2024, China’s Supreme People’s Court issued its first guiding cases on gig worker labor disputes, clarifying criteria for determining employment relationships with platform companies.

China Amends Supervision Law to Strengthen Oversight

The newly amended Supervision Law of the People’s Republic of China, effective June 1, 2025, strengthens oversight, limits supervisory powers, and enhances protections for citizens' rights through standardized enforcement.