On 20 August 2021, the 13th National People’s Congress of the People’s Republic of China passed the Personal Information Protection Law (中华人民共和国个人信息保护法) (“PIPL“), which will take effect on 1 November 2021. The PIPL, together with the Cybersecurity Law which came into effect on 1 June 2017, and the Data Security Law which came into effect on 1 September 2021, form the core tenets of cybersecurity and data protection in China.
Compared with the second draft of the law, the enacted draft of the PIPL introduced several important new rules that will have a significant impact on how Personal Information Processors such as Internet and social media giants may handle and process Personal Information. This update will examine some of the key highlights of the PIPL.
For more information, click here to read the full Legal Update.
