Top-5 Operational Impacts of China’s PIPL

Last Updated: March 2022

China’s Personal Information Protection Law, or PIPL, enacted Nov. 1, 2021, has rewritten the rules of the global privacy landscape. Many commentators have described it as one of the strictest privacy regimes on the planet. Akin to EU General Data Protection Regulation, it also applies extraterritorially to companies that handle any personal data from China, provide products or services to Chinese residents, or analyze the behavior of Chinese consumers.

This five-part IAPP series, the “Top-5 Operational Impacts of China’s PIPL,” is written by a host of experts on Chinese law. It explores the most important features of China’s PIPL, from requirements around sensitive personal information, data subject rights and international data transfers, to the bases for handling data, DPO responsibilities, and enforcement mechanisms and penalties. The IAPP Resource Center hosts a "China" topic page, and links to in-language and English translations of the PIPL can be found in the IAPP's "Global Privacy Law and DPA Directory".

Part 1: Scope, key definitions and lawful processing of data
Part 2: Obligations and rights
Part 3: Personal information protection officer
Part 4: Penalties and enforcement mechanisms
Part 5: International data transfers

ResourceCenter

All the privacy tools and information you need in one easy-to-find place

Top-5 Operational Impacts of China’s PIPL

Top-5 Operational Impacts of China’s PIPL

Related Stories

China

Asia

China’s PIPL takes effect, compliance ‘a challenge’