On 14 November 2021, the Draft Regulations on the Administration of Network Data Security have been introduced. The draft in question is intended to implement and to further specify the details of the (i) Cybersecurity Law, (ii) Data Security Law and the (iii) Personal Information Protection Law (PIPL). Pursuant to the drafted law, companies shall improve their data security management systems (Art. 6). Moreover, when carrying out the activities listed under article 13 of the draft, data processors must apply for cybersecurity review in accordance with the relevant regulations (Art. 13).
Original source