China’s Ministry of Commerce issues circular on the cross-border data transfer security management pilot

Back to Technology Law Committee publications

Jihong Chen
Zhong Lun, Beijing

Yun Luo
Zhong Lun, Beijing


On 14 August 2020, the Ministry of Commerce announced the Circular on Issuing the Master Plan for Comprehensively Deepening the Pilot Programme on Innovative Development of Trade in Services (the ‘Circular’). Under the Circular, pilot projects are expected to be carried out for cross-border data transfer security management in pilot areas with relatively better conditions.

The Circular has a chart attached with the tasks, measures and responsibilities specified therein. To explore the regulatory regime of cross-border data transfer, under the 76th measure of that chart, the Cyberspace Administration of China is responsible for instructing and enacting policies to safeguard the cross-border data transfer security management pilot projects. Beijing, Shanghai, Hainan, Xiong’an and other pilot areas are responsible for implementing the pilot projects.

The 25th measure stipulatea that eligible pilot areas would be able to cooperate with overseas institutions to develop cross-border commercial medical insurance products, subject to the policies enacted by the China Banking and Insurance Regulatory Commission, and Ministry of Commerce.

The Cyberspace Administration of China; Ministry of Science and Technology; Ministry of Industry and Information Technology; and Ministry of Commerce would, under the 115th measure, support and instruct the security assessment of cross-border data transfer in pilot areas. Pilot areas are encouraged to set up a data security management mechanism, including data protection capability certification, data circulation backup review, cross-border data transfer and transaction risk assessment. Pilot areas are also encouraged to participate in international cooperation on digital rules and enhance the protection of data.

Back to Technology Law Committee publications