Starting June 1st, US companies with business in China will have to comply with new data transfer rules that may limit or impair the ability to use data in the US. Like the EU, China will have new restrictions in place (and new, state-approved contractual mechanisms designed to help companies comply with those regulations) regarding the export of personal data outside China.
Why It Matters
The new "Standard Contractual Clauses" released by China will be one mechanism to allow data transfer outside China, but they add several steps to the contracts and compliance process. Companies may have to perform data risk assessments, file notices with the data regulator, notify data subjects of the transfer of their data, or take other steps before availing themselves of the SCCs.
Affected data could include HR data, customer data, consumer data, or other personal information. The Chinese authorities have a history of vigorous enforcement (and fines) in the data privacy arena; any US company with interests in China should plan to seek advice from local counsel well ahead of the June 1st enforcement date.
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-02-06-16-16-46-327-65c25b6e9e14f56dc129e31c.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-04-17-14-39-37-641-661fdf29326ad244c0db246d.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2023-12-31-15-31-03-042-659189379206d316b71d5362.jpg)