China: Implemented Cybersecurity Law including data localisation requirements

On 1 June 2017, the Cybersecurity Law of China, which contains extensive cybersecurity regulations for those building, operating, maintaining, and using networks, as well as rules on cybersecurity supervision by the state, has been implemented. According to the Bill, the operators of critical information infrastructure are required to store citizens’ personal information and other important data within the country. If such data has to be transferred overseas, the Bill requires a security assessment in accordance with extant regulations.