Resource Center / Resource Articles / Top 5 Operational Impacts of China’s PIPL
Top 5 Operational Impacts of China’s PIPL
This series examines several facets of the Personal Information Protection Law of the People’s Republic of China.
Last updated: March 2022
China’s Personal Information Protection Law, or PIPL, enacted Nov. 1, 2021, has rewritten the rules of the global privacy landscape. Many commentators have described it as one of the strictest privacy regimes on the planet. Akin to EU General Data Protection Regulation, it also applies extraterritorially to companies that handle any personal data from China, provide products or services to Chinese residents, or analyze the behavior of Chinese consumers.
This five-part IAPP series, the “Top-5 Operational Impacts of China’s PIPL,” is written by a host of experts on Chinese law. It explores the most important features of China’s PIPL, from requirements around sensitive personal information, data subject rights and international data transfers, to the bases for handling data, DPO responsibilities, and enforcement mechanisms and penalties. The IAPP Resource Center hosts a "China" topic page, and links to in-language and English translations of the PIPL can be found in the IAPP's "Global Privacy Law and DPA Directory".
- Part One: Scope, key definitions and lawful processing of data
- Part Two: Obligations and rights
- Part Three: Personal information protection officer
- Part Four: Penalties and enforcement mechanisms
- Part Five: International data transfers