China has published a draft Cyber Security Law (Draft Law) for public discussion and feedback until 5 August 2015.

This law, if enacted in its current form, will have far-reaching consequences for financial institutions with operations in China.

In recent years, China has dedicated efforts to enhance the security and supervision of the Internet and telecommunication networks, in particular, regulating the use of personal data and protections against cyberattacks.

In the absence of a comprehensive data privacy law in China, the Draft Law contains certain provisions in relation to personal data privacy and data protection to supplement existing data privacy rules which are scattered in various administrative regulations and judicial interpretations.

As data protection becomes an increasing important area of compliance, it is critical that financial institutions are aware of the new regulatory measures to ensure their internal processes are compliant with the latest requirements.

The Draft Law is open to public discussion and feedback from interested parties until 5 August 2015. According to the Xinhua News Agency, the legislator had received more than 1,000 submissions by 10 July, just three days after the Draft Law had been made public.  We intend to monitor progress of the Draft Law and to provide updates of significant developments.

Please click here to see our full briefing.