Unlike the slow deployment and growing awareness surrounding the EU's General Data Protection Regulation, China's cybersecurity law has created some surprise. The law, which officially came into effect June 1, was crafted and passed at such relatively quick pace that many in the legal tech industry were unfamiliar with its existence in early 2017.

But apprehension over the law's effects has grown as well, as many have begun understand its scope and provisions. Much concern has been expressed, for example, over the severe criminal penalties facing companies that fail to comply.

Dan Whitaker, managing director of Consilio's China operations, told Legaltech News that “public surveillance, imprisonment, and the death penalty are all listed as possibilities for violating the state secrets provision of the Cybersecurity Law.”