China's New Standard Contractual Clauses – What Do They Mean for You?

On 24 February 2023, China passed its Standard Contract (PRC SCCs) regarding Cross-Border Transfer of Personal Information as well as Measures to implement them. They are far-reaching and apply to any personal data transport except where a robust assessment by the Cybersecurity Administration of China is mandatory (or voluntarily opted for).

Not only must the PRC SCCs be signed between exporter and any overseas recipient, but a detailed Personal Information Privacy Impact Assessment (PIPIA) also must be completed. Both the PRC SCCs and PIPIA must be filed with the CAC within 10 days of execution, which must occur prior to the exportation.

The PRC SCCs and implementing measures become effective 1 June 2023 for any new transfers. There is a six-month window given to transfers happening before that date.

In a new development, we note that China is weighing a restructure to establish a data administration bureau. This new organization would likely become the data regulator overseeing data administration in Mainland China, taking over some roles from the Cyberspace Administration of China.

Our webinar will outline the requirements and steps you will need to take to achieve compliance and provide any new updates available on the development of the new data administration bureau. Our China and Asia Pacific data protection experts also will provide a brief update on legal developments in the region, and there will be plenty of time for Q&A.

Dates and Times

Wednesday 22 March 2023
10 a.m. GMT | 11 a.m. CET | 6 p.m. China

Thursday 23 March 2023
7 p.m. EST | 4 p.m. PST

If you would like to attend, or have colleagues who would, please register any interested parties using the "Register" button above and select the date that is convenient for you.