Skip to content

Cyberspace Administration of China (CAC) publishes draft regulations for network data security management

Related people
Ho Victor
Victor Ho

Registered Foreign Lawyer, Cal

Hong Kong

View profile →

Jiang Jane
Jane Jiang

Partner

Shanghai

View profile →

Eugene Chen

Registered Foreign Lawyer

Hong Kong

View profile →

Richard Wagner

Registered Foreign Lawyer, WI

Hong Kong

View profile →

Ng Susana
Susana Ng

Of Counsel

Hong Kong

View profile →

26 November 2021

On 14 November 2021, the Cyberspace Administration of China (CAC) published a consultation draft of the Regulations on Network Data Security Management (Network Data Security Regulations) for public comment.

The subject matter of the draft appears on the 2021 legislative plan for the State Council and thus, while the CAC has published the draft, the promulgating authority may ultimately be the State Council. 

The draft seeks to provide more detail and to address certain provisions set out in the PRC Cybersecurity Law (CSL), the PRC Data Security Law (DSL) and the PRC Personal Information Protection Law (PIPL).  The consultation period is open until 13 December 2021. This note summarises a few key provisions of the draft Network Data Security Regulations that are most relevant to MNCs and proposes a number of potential clarifications.