What HR & IT Teams Need to Know About China’s New Data Security Law

Data Security Law Comes into Force 1st September 2021 and Personal Information Protection Law Follows Soon

Do you know about the new upcoming Data Security Law in China? On June 10th 2021, China passed the Data Security Law (DSL) which will come into effect on the 1st of September 2021. China’s big data security drive has been propelled by the introduction of two new laws this year.

HR and IT teams need to take note of the incoming changes as they could affect their business. Along with the Cybersecurity Law and the Personal Information Protection Law, the addition of the DSL will make up the framework regarding cybersecurity laws in the People’s Republic of China.

Due to the country’s fast-growing digital economy, the new law is aimed at strengthening the protection laws. Here are some of the highlights companies need to know about the DSL:

Key Highlights in the Data Security Law

Data Categories: Data will be classified into classes, including Core Data of the State and Important Data.

Protection Levels: This hierarchical classification considers the importance of the data. Core Data of the State will receive “enhanced protection” and is data related to the national economy, national security, and vital public interests. Organisations dealing with Important Data will need to designate a person and administrative department to conduct periodic risk assessments and submit a report to the relevant government authority.

Cross-Border Data Transfers: Data that is collected and generated by Critical Information Infrastructure Operators (CIIO) shall be stored within the territory of the People’s Republic of China. The cross-border transfer of Important Data collected and generated by CIIOs can only happen after a security assessment. Organisations and individuals are also prohibited from sending any data stored in China to foreign law enforcement bodies or judicial authorities without prior approval from relevant authorities in China.

Compliance Requirements for Data Trading Services Entities: Entities that provide data trading services are subject to certain responsibilities, including requesting the data provider to identify the data source, verify the identities of both parties, and retain transaction records.

Consideration for Elderly and Disabled: When designing an application for public services, the organisation or individual will need to consider the needs of elderly and disabled groups. These groups cannot be forced to use digital/intelligent products like QR code payments, and traditional methods must be offered as alternatives.

Antitrust and Unfair Trade Practices: Data used in anti-competitive means is strictly prohibited.

Government Access to Data: Businesses must cooperate during investigations conducted by public security and national security authorities. Such authorities will be subject to strict approval procedures before requesting access to data.

Penalties for Violation of DSL: Depending on the offence, the punishment will vary accordingly. Punishments can include suspension of business or revocation of business licences/permits, hefty fines, and potentially criminal penalties.

Source: Skrine

*This information is intended as a general guide and the law is still subject to further changes. For more details, please visit the government website or contact us now!

Having Trouble Keeping Up with the Latest Laws in China?

If you are running into compliance issues or find keeping up with the latest labour laws a burden, you can download our 2021 Mid-Year APAC Labour Law Comparison Chart and contact our team of professionals now to learn more about the latest updates across the APAC region.

For businesses who want an efficient way to expand their presence in Asia without the need to worry about local laws and regulations, contact us about our PEO/EoR services. The advantages enterprises can expect by using PEO/EoR include:

  • Hiring and onboarding offshore people in 48 hours
  • Guaranteed local labour compliance
  • Up to 60% better cost-efficiency compared to setting up a local entity
  • Increased flexibility in entering and departing a new market

Read our blog on the benefits of expanding your business with PEO / EoR or contact us now for more information on how our services can help you!

Related Articles:


Links International is an industry leader in innovative HR outsourcing with services such as payroll outsourcingvisa applicationPEO/EOR Secondmentoutplacementrecruitment and more! Contact us for more information on how we can help leverage your HR function.

Labour law comparison chart