eDiscovery Daily Blog

• March 3, 2017

Are you familiar with it?

According to a survey conducted by Consilio and released earlier this week, 75 percent of legal technology professionals responding to the survey indicated that they are not familiar with China’s new Cybersecurity Law, which was passed by the Standing Committee of the National People’s Congress, China’s top legislature, in November 2016.  The new law is set to go into effect on June 1.

China’s new Cybersecurity Law will require foreign companies conducting business in the country to localize their data within mainland China which may contain sensitive privacy data or state secrets. Organizations that do not adhere to this provision will face potential financial penalties, including the possible loss of their ability to conduct business in mainland China. Individuals can face civil and criminal penalties, up to and including imprisonment and the death penalty for particularly egregious cases.

For more on China’s Cybersecurity Law, you can read Understanding China’s Cybersecurity Law, by Chris Mirasola on the LawFare blog here.  An unofficial translation of the law can be found on the China Law Translate site here.

Consilio’s survey of 118 legal technology professionals, from in-house law departments, law firms and government affiliated entities, was conducted at the Legalweek | Legaltech® New York 2017 conference held January 31 – February 2.  Some key findings of the survey include:

• 75 percent of legal technology professionals cited that they are not familiar with China’s new Cybersecurity Law;
• Only 14 percent of respondents indicated that they are “very concerned” about the new law;
• Yet, 57 percent of respondents indicated having at least one legal matter that touched China within the last two years (i.e. internal or government investigations, litigation, M&A, etc.), with 27 percent indicating that they knew of at least ten Chinese legal matters that their organizations were involved in during that time.

“China is now the world’s second largest economy, and for global corporations and those that aspire to be global, it is critical for them to have a full understanding of the data requirements and regulatory landscape of that region,” said Dan Whitaker, Managing Director of Consilio’s China operations, headquartered in Shanghai. “Since 2012, cyber walls have been going up in multiple regions around the world, and as countries continue to create new regulations, organizations must continually educate themselves on the quickly evolving nuances of data privacy laws in every jurisdiction, specifically as it relates to the ability to move data in and out of the countries in question.”

In addition to China’s new Cybersecurity Law, when polled about other international compliance laws their organizations are most concerned about, respondents identified the Foreign Corrupt Practices Act, or FCPA as the most concerning (40 percent), with the General Data Protection Regulation, or GDPR (22 percent) and the UK Bribery Act (8 percent) as other regulations respondents are concerned about.

Consilio has prepared a summary infographic to illustrate the results, which can be found here.

So, what do you think?  Are you familiar with China’s new Cybersecurity Law?  Are you concerned about it?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.