China Privacy and Data Security
The MoFo Data Protection team is phenomenal: knowledgeable, responsive, solution oriented and efficient. They are the best firm I have ever worked with. – Legal 500 China
Privacy and Data Security in China
With its growing complexity of network security and data privacy legislation and standards, China has become a critical part of our global practice. Our China Privacy and Data Security team advises clients on a host of issues both within China and affecting their cross-border data flows and cross-border network operations.
Ranked as Band 1 in Data Protection & Privacy by Chambers Greater China Region 2024 - 2025 and Tier 1 in Data Protection by The Legal 500 China 2024-2025, our China team monitors developments relating to the Personal Information Protection Law (PIPL), the Cybersecurity Law (CSL), the Data Security Law (DSL) and the raft of other data privacy and security legislation and standards affecting clients across a broad range of industries. We help multinational companies ensure compliance with their obligations under the PIPL, CSL, and DSL by working closely with them to review policies, contracts, and data transfer and localization arrangements. We also help clients negotiate and renegotiate agreements with service providers and customers in order to ensure compliance.
We bring to our client work a sophisticated understanding of industry-specific privacy and data security obligations in mainland PRC. The local team is able to leverage our global privacy expertise to ensure that revised policies and arrangements properly address offshore privacy laws such as the GDPR and Hong Kong’s Personal Data Privacy Ordinance in addition to mainland Chinese laws.
Sign up in our “China Privacy and Data Security Resources Center” to receive up-to-the-minute legal and business analyses related to the latest China privacy and data security topics.
Related Insights
- Client Alert
China’s New CBDT Regime: One Year On
It has been 14 months since China rolled out its “new,” streamlined cross-border data transfer (CBDT) regime, with the issuance by the Cyberspace Administration of China (CAC) of the Provisions on Facilitating and Regulating Cross-Border Data Flows on March 22, 2024.
- Client Alert
China Data Privacy: New Clarity on Audit and DPO Requirements
The Cyberspace Administration of China (CAC), China’s data regulator, has issued the Measures for the Administration of Personal Information Protection Compliance Audits (个人信息保护合规审计管理办法, Measures), which provide important information on the conduct of personal information protection audits (Audits) under the terms of the Personal Information Protection Law (PIPL).
- Client AlertPrivacy + Data Security Predictions for 2025
Find out what’s coming for the privacy and data security sector in 2025, including updates on China privacy laws. From increasingly stringent global regulations and AI that helps protect consumer data, to rising ransomware attacks and increased consumer awareness of data rights, the MoFo Privacy + Data Security team has predictions for what’s coming next and insights for how you can be prepared.
Featured Webinars
- Speaking EngagementChina’s Cross-Border Data Transfer Regime: Understanding how CAC New Rules Affect Your China Business
After months of uncertainty, China’s data regulator, the Cyberspace Administration of China (CAC), issued the Provisions on Facilitating and Regulating Cross-Border Data Flows (促进和规范数据跨境流动规定, the Provisions) addressing a range of issues concerning China’s cross-border data transfer (CBDT) regime.
- WebinarCybersecurity Regulations State of Play: EU vs China
This webinar covers the various cybersecurity initiatives underway in the European Union, such as the Cyber Resilience Act, the NIS2 Directive, DORA, and the Cybersecurity Act, and assesses how they match up to what China’s cybersecurity laws have been developing into over the last few years.
- Speaking Engagement
Data Center Investments in Asia Pacific – Planning Ahead for a Successful Transaction
Fueled by the surging demand for data center and compute capacity , data centers are experiencing tremendous growth across many jurisdictions in APAC. The increasing demand by blue chip customers in Asia has sparked significant interest from institutional investors, developers and operators to develop or acquire these assets on an individual or portfolio basis.
