China Penalizes Dior for PIPL Violation
China’s Ministry of Public Security (“MPS”) penalized Dior Shanghai for breaching personal information protection obligations, following an investigation into a data breach incident. MPS identified the following violations during the investigation: failure to implement a cross-border transfer mechanism; failure to fully inform data subjects about how their personal information would be handled by an overseas recipient; failure to obtain separate consent for cross-border trans
Rose Li, XL Law & Consulting
Dec 15, 20254 min read
China Issues New Requirements for Handling of Sensitive Personal Information
On April 25, 2025, TC260 issued the recommended standard Data Security Technology – Security Requirements for Handling of Sensitive...
Rose Li, XL Law & Consulting
Aug 6, 20255 min read
China Releases Guidelines on Reporting the Appointment of Data Protection Officers
On July 18, 2025, the CAC issued guidance on reporting the appointment of personal information protection officers. Handlers that reached...
Rose Li, XL Law & Consulting
Jul 31, 20254 min read
China Announces Special Measures to Strengthen PIPL Enforcement in 2025
The CAC and three additional departments jointly announced plans to strengthen PIPL enforcement in 2025 by applying special measures to...
Rose Li, XL Law & Consulting
May 12, 20254 min read
New Developments on the Negative List for Cross-Border Data Transfer in Free Trade Zones
On May 9, 2024, Tianjin Commission of Commerce released the Tianjin FTZ Negative List (2024 Edition) to facilitate the cross-border data...
Rose Li, XL Law & Consulting
Jul 9, 20243 min read
China Releases Implementation Guidelines for Notice and Consent
On May 23, 2023, China circulated the Information Security Technology- Implementation Guidelines for Notices and Consent in Personal...
Rose Li, XL Law & Consulting
Jun 14, 20234 min read
