The Personal Information Protection Law of the People’s Republic of China (PIPL) went into effect on Nov. 1 and brought with it a suite of new requirements and lingering questions.  Organizations already complying with the European Union’s General Data Protection Regulation (GDPR) will find familiar many requirements of the PIPL, but GDPR veterans and newcomers will both need to pay close attention to the unique privacy rules of the most populous country in the world. This article will touch upon a few of the points that organizations need to be aware of as they begin adapting their compliance programs according to the PIPL.

The PIPL uses its own terminology that is similar to words and phrases utilized heavily in the GDPR. For example, the PIPL refers to “personal information handlers” as organizations and individuals that, in personal information handling activities, autonomously decide handling purposes and handling activities. Those familiar with GDPR will see the similarities between the PIPL’s “personal information handlers” and the GDPR’s “data controllers.”

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]