Skip to content

Cyberspace Administration of China (CAC) publishes draft regulations for network data security management

On 14 November 2021, the Cyberspace Administration of China (CAC) published a consultation draft of the Regulations on Network Data Security Management (Network Data Security Regulations) for public comment.

The subject matter of the draft appears on the 2021 legislative plan for the State Council and thus, while the CAC has published the draft, the promulgating authority may ultimately be the State Council. 

The draft seeks to provide more detail and to address certain provisions set out in the PRC Cybersecurity Law (CSL), the PRC Data Security Law (DSL) and the PRC Personal Information Protection Law (PIPL).  The consultation period is open until 13 December 2021. This note summarises a few key provisions of the draft Network Data Security Regulations that are most relevant to MNCs and proposes a number of potential clarifications.