Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Enforcement Update: U.S. Courts Demonstrate Reluctance to Extend Application of Chinese Data Security and Privacy Laws In Civil Discovery
Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data to foreign enforcement and judicial authorities. As an initial matter, U.S. courts have limited the application of these laws and have continued to rely upon international comity analysis in compelling the production of responsive documents in civil discovery. However, U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.
The Data Security Law and the Personal Information Protection Law
The DSL and PIPL serve to create the framework for China's data protection regime and implement "stringent supervision and data processing duties on data processors and enforcement agencies."
The Standing Committee of the National People's Congress (NPCSC) adopted the DSL on June 10, 2021, effective Sept. 1, 2021. In general, the DSL governs data processing and management activities, including the collection, storage, use, processing, transmission, provision, and disclosure of data. See, DSL, Article 3. Importantly, however, the DSL also contains provisions regulating cross-border data transfers to foreign judicial or enforcement authorities. Specifically, Article 36 of the DSL establishes that the "competent authority" shall handle data requests made by foreign judicial or law enforcement organizations in accordance with existing laws and international treaties. (The "competent authority" references the PRC authority charged with overseeing relevant international agreements or treaties. However, the DSL does not provide additional guidance about who the "competent authority" would be in the case of a data request made by a foreign authority that does not have an MLAT with China.) Article 36 also prohibits Chinese organizations and individuals from providing data stored within the People's Republic of China (PRC) to foreign judicial or law enforcement organizations without the prior approval of the competent authority. Although the DSL provides no additional details about that approval process, the law imposes penalties for violators involving fines up to RMB 10 million and the potential suspension or revocation of business licenses for violators that breach the national core data management system, endanger national sovereignty, or implicate national security and development interests. See, DSL, Article 45.
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
Bonus Content: How Emerging Technologies Are Impacting IP: A Chat With Legalweek Speaker Ryan Phelan
In advance of Legalweek '25, a Q&A with conference speaker Ryan Phelan, a partner at Marshall, Gerstein & Borun and founder and moderator of legal blog PatentNext, to discuss how courts and jurisdictions are handling novel technologies, the copyrightability of AI-assisted art, and more.
Overview of Regulatory Guidance Governing the Use of AI Systems In the Workplace
Businesses have long embraced the use of computer technology in the workplace as a means of improving efficiency and productivity of their operations. In recent years, businesses have incorporated artificial intelligence and other automated and algorithmic technologies into their computer systems. This article provides an overview of the federal regulatory guidance and the state and local rules in place so far and suggests ways in which employers may wish to address these developments with policies and practices to reduce legal risk.
Is Google Search Dead? How AI Is Reshaping Search and SEO
This two-part article dives into the massive shifts AI is bringing to Google Search and SEO and why traditional searches are no longer part of the solution for marketers. It’s not theoretical, it’s happening, and firms that adapt will come out ahead.
While Federal Legislation Flounders, State Privacy Laws for Children and Teens Gain Momentum
For decades, the Children’s Online Privacy Protection Act has been the only law to expressly address privacy for minors’ information other than student data. In the absence of more robust federal requirements, states are stepping in to regulate not only the processing of all minors’ data, but also online platforms used by teens and children.
Revolutionizing Workplace Design: A Perspective from Gray Reed
In an era where the workplace is constantly evolving, law firms face unique challenges and opportunities in facilities management, real estate, and design. Across the industry, firms are reevaluating their office spaces to adapt to hybrid work models, prioritize collaboration, and enhance employee experience. Trends such as flexible seating, technology-driven planning, and the creation of multifunctional spaces are shaping the future of law firm offices.