What do China’s revised data export regulations mean for Europe?

Azure Forum Strategic Insight 010/2024

By Rogier Creemers, Lecturer, Modern Chinese Studies, Leiden University

On 22 March 2024, the Cyberspace Administration of China (CAC), the country’s data protection regulator, released new rules governing cross-border data transfers. These new rules replace very stringent and, in some areas, unclear rules issued in 2022, which had significantly complicated cross-border data flows, significantly affecting both Chinese and international companies as well as research institutions. The new rules will make life much easier for data exporters, as they raise thresholds for security reviews and other procedures, create exemptions for specific data export activities, and clarify areas of uncertainty.

For European businesses and research organisations which operate in China or collaborate with Chinese partners, this will reduce headaches related to data exports, and facilitate cross-border contracting and employment.