pipl extraterritorial

u In addition, the PIPL has extraterritorial effect and applies to foreign companies or offshore processing activities outside of China in any of the following circumstances set forth in article 3 of the PIPL: for the purpose of providing products … As the Chinese equivalent of GDPR, the PIPL will change the current landscape of scattered provisions on personal data protection, by clarifying the rules for processing personal data, the obligations of data handlers and processors, and the rights of data subjects. This is the key issue for international institutions to consider when navigating regulatory requirements across different jurisdictions globally. The PIPL will become effective on 1 November 2021. where two or more processors jointly determine the purpose and method with respect to processing personal information, their respective rights and obligations shall be agreed on. Both are extraterritorial and thus applies for … However, both Data Security Law and the PIPL have extraterritorial jurisdiction. Like the GDPR, the PIPL is also extraterritorial and there is likely a significant amount of PIPL-covered personal information throughout Asia, not to mention everywhere else. Article 3 provides that the PIPL also applies to the handling outside China of PI of natural persons in … There is currently no specific requirement of targeting the PRC. The PIPL will work together with the Cybersecurity Law ("CSL") and the Data Security Law ("DSL") to establish a broader regulatory architecture governing cybersecurity and data privacy protection in China. China’s PIPL Training Course. Extraterritorial Scope. Another advantage of PIPL is that it has “extraterritorial effects” which allow the Chinese government to use their legal authority beyond the normal boundaries of their own country and residents. Violations of the PIPL are punished with fines of up to 5% of annual revenues or … China’s privacy law, the Personal Information Protection Law (PIPL), goes into effect on 1 November 2021[1] and is going to change the way that companies handle the personal information of individuals inside of China. Like the GDPR, the PIPL is intended to impose extraterritorial jurisdiction, and arguably covers any company or individual that processes the personal information of … The PIPL authorizes the Cyberspace Administration of China (CAC) to lead overall planning and coordination of PI protection and the relevant supervisory and regulatory work. For example, Cybersecurity Law does not have extraterritorial jurisdiction. In 2021, China passed the Personal Information Protection Law (PIPL), a comprehensive privacy law. Comparing extraterritorial applicability of China's PIPL to EU's GDPR. 2 additionally, the pipl requires personal information processors (also known as personal information … PIPL has extraterritorial jurisdiction to data processing or handling activities outside the territorial of China under 3 circumstances as provided in paragraph 2 of Art 3 of the PIPL. The criteria for the extraterritorial reach of the PIPL is similar to the threshold tests of the GDPR. This PIPL training course (20 mins) by Professor Daniel Solove provides an introduction to China’s PIPL. The PIPL is China’s third law aimed at the regulation of technology. An exception for pre-notice exists in cases of emergency of life, health, property, or safety (Article 17). Both PIPL and GDPR are extraterritorial. The law will apply to companies outside of China that process data related to products and services provided in China, or that "analyze or assess behavior of individuals in China." During the grace period, organizations operating in China and those established outside China but having to be subject to the extraterritorial effect of the PIPL, are suggested to carry out data compliance work in accordance with the PIPL to get prepared for the upcoming law. The PIPL applies both within China and extraterritorially, requiring companies that do business around the world to pay attention to the new law. EXTRATERRITORIAL APPLICABILITY. • … Extraterritorial or long-arm jurisdiction is applied under the PIPL. EXTRATERRITORIAL APPLICABILITY. Personal Information Protection Law - PIPL; UAE have number of laws in place that govern privacy as well as data security in the UAE. The Personal Information Protection Law: China’s Version of the GDPR? The Personal Information Protection Law (PIPL) is China’s first comprehensive legislation on personal information and data privacy. As is the case with identified or … The PIPL has extraterritorial applications too. 2. The PIPL is a substantial and significant new legislation – and it will pose significant challenges to many companies' personal data practices, both in relation to its complexity and in adding another new law to many multinational organisations' international compliance efforts. 3 b+ online identities . According to Article 3 PIPL, offshore entities or individuals who are processing the personal … In 2017, the Cyber Security Law was enacted, which was then followed in early 2021 by the Data Security Law. This Commentary highlights some of the most noteworthy provisions of the PIPL. print; print; At first glance, the territorial applicability provisions of China's draft Personal Information Protection Law bear some resemblance to those of the EU General Data Protection Regulation. PIPL has extraterritorial effect and applies to processing activities that take place both inside and outside the territory of China. the privacy law (pipl or private information protection law) applies to all personal information processing activities carried out in china, and has extraterritorial application to the overseas processing of the personal information of individuals located in china (where the purpose of such activities is to provide a product or service to such … The PIPL will have extraterritorial effect and will apply to the following processing activities: processing, within China, of personal information of natural persons; and processing, outside of China, of personal information of natural persons who are in China, if … schedule Nov 12, 2020 queue Save This. The PIPL sets the extra-territorial application, which grants the “long-arm jurisdiction” of the law. The PIPL will become effective on 1 November 2021. Notably, PIPL has extraterritorial reach, so even companies that have limited dealings with China could be subject to the law. The PIPL is a substantial and significant new legislation – and it will pose significant challenges to many companies' personal data practices, both in relation to its complexity and in adding another new law to many multinational organisations' international compliance efforts. the PIPL. Its applications are noted as follows: Organisations based in China that process the personal information of China’s citizens The PIPL is similar to the General Data Protection Regulation (GDPR) in many ways, however there are some important distinctions (IAPP gives a good overview, here). In particular, the PIPL is extraterritorial which means that even overseas domiciled companies carrying out personal information processing activities outside of China but for the purpose of providing services or products to natural persons in China, or to analyze and evaluate the activities of natural persons in China, will be subject to the law. Both relate to the collection, storage, use, processing, transmission, provision, public disclosure, deletion and any operation which is performed on personal information. extraterritorial applicability The PIPL applies both within China and extraterritorially, requiring companies that do business around the world to … Multinational entities with operations in or having business with the People’s Republic of China (PRC) should take note of the PRC’s new Personal Information Protection Law (PIPL), which took effect on 1 November 2021 and is extraterritorial in scope and effect.. The PIPL applies both within China and extraterritorially, requiring companies that do business around the world to pay attention to the new law. The PIPL shares many similarities with the EU’s General Data Protection Regulation (GDPR), but there are many important differences, … Scope and extraterritorial effect. 1. The PIPL is enforced and administered by the Cyberspace Administration of China and relevant state and local government departments. PIPL has extraterritorial jurisdiction to data processing or handling activities outside the territorial of China under 3 circumstances as provided in paragraph 2 of Art 3 of the PIPL. Extraterritorial Effects. The PIPL regulates the processing of personal information of individuals within the Mainland. These closely parallel the circumstances in which the GDPR provides that it has an extraterritorial effect. processing, outside of China, of personal information of … Like the GDPR, the PIPL has broad extraterritorial jurisdiction, so even companies with no presence in China could be affected by the new law if they are collecting data from people who are in China. PIPL went into effect recently, on Nov. 1, 2021. PSNL Personalis Inc Annual Report (10-k) Securities registered pursuant to Section 12(g) of the Act: None. However, both Data Security Law and the PIPL have extraterritorial jurisdiction. According to Article 3 of the PIPL, an overseas company processing personal data outside China will be subject to the PIPL if it sells goods or provides services to persons in China or analyses behavior of a person in China. To-Dos Art. Extraterritorial Effect The PIPL will have extraterritorial effect and will apply to the following processing activities: The provisions set out by the PIPL have extraterritorial reach, meaning that non-Chinese international schools offering their services to China residents are called to comply with certain provisions of the law as well. The PIPL applies to all processing activities carried out in China. The PIPL also has extraterritorial application where the processing of the PI is related to the provision of services or products to individuals in China or analysing or evaluating the activities of individuals in China. PIPL: Besides regulating organizations’ and individuals’ handling of personal data belonging to natural persons within the jurisdiction of China, PIPL's Article 3 extends the territorial scope beyond the borders of China. Effective November 1, 2021, regardless of quite a few yet-to-be-defined parts, the Personal Information Protection Law (PIPL)1 is China’s first complete law designed to manage on-line information and shield private data. The PIPL establishes extraterritorial jurisdiction of personal information handling activities in overseas countries. The PIPL also requires entities subject to these extraterritorial effects to either establish a dedicated office or appoint a designated representative in China for personal information protection purposes. However, similar to GDPR, PIPL seeks to have extraterritorial reach. Foreign businesses and organisations, including those in Hong Kong, which process personal information of individuals in the mainland for the purposes of offering products or services to them, or analysing and assessing their behaviour, must fall in line. 1. Extraterritorial application of the PIPL. It also has extraterritorial reach. Notably, the PIPL also contains a catch-all provision that authorizes the Chinese government to further expand the PIPL’s extraterritorial applicability in other laws or regulations. According to Article 3 PIPL, offshore entities or individuals who are processing the personal … The PIPL also requires companies to disclose additional activities as required under other applicable PRC laws. Now, the PIPL completes the framework, with a specific focus on personal information protection. The PIPL applies broadly to the handling of PI of natural persons that is undertaken within China. The law will apply to companies outside of China that process data related to products and services provided in China, or that "analyze or assess behavior of individuals in China." This GT Alert summarizes the PIPL. The PIPL applies not only to companies based in China, but also international companies that process the data of Chinese citizens. • The Draft PIPL seems to be modelled on the GDPR in relation to its extraterritorial reach. Like GDPR, PIPL is a national law with extraterritorial scope, meaning it applies to entities doing business both within and outside of China that process personal information on natural persons within the territory of China. On November 1, 2021, China’s Personal Information Protection Law (PIPL) will go into effect. Like the GDPR, the PIPL is extraterritorial in scope, covering all individuals, organizations, and corporations that handle the personal information of individuals within China’s borders (Article 3). The PIPL will come into effect as of 1 November 2021. Extraterritorial approach is an important similarity between GDPR and PIPL. Processing activities inside China: The first paragraph of Article 3 of PIPL states that PIPL applies to the processing of personal information of natural persons . The PIPL imposes extensive obligations on organizations and individuals engaged in "handling" of personal information, which is defined to include "collection, storage, use, processing, transmission, provision, disclosure, deletion, etc." 100 b+ identifiers . The PIPL has specialised the obligation in the Chapter 3, which sets rules for providing personal information to somewhere outside of China. As a jurisdictional matter, PIPL applies primarily to PI handling undertaken within China. like the gdpr, the pipl is intended to impose extraterritorial jurisdiction, and arguably covers any company or individual that processes the personal information of individuals in china (regardless of the individual’s nationality or residency).2additionally, the pipl requires personal information processors (also known as personal information … CUSTOMERS 3. like the gdpr, the pipl is intended to impose extraterritorial jurisdiction, and arguably covers any company or individual that processes the personal information of individuals in china (regardless of the individual’s nationality or residency). 150 + countries . Territorial Scope of the PIPL. Extraterritorial Effect If your organisation is based in PRC then you will of course need to comply with PIPL, but PIPL also has extraterritorial effect (similar to the GDPR) which means that it can apply to businesses located outwith the PRC in certain circumstances: We expect that regulators will issue further guidance on the extraterritorial effect of the PIPL. Another advantage of PIPL is that it has “extraterritorial effects” which allow the Chinese government to use their legal authority beyond the normal boundaries of their own country and residents. Articles 38 – 43 impose rules relating to data transfers and data localisation, with some restrictions. There is currently no specific requirement of targeting the PRC. “Processing of personal information” includes, among other things, the collection, storage, use, refining, transmission, provision, public disclosure and deletion of personal information. The PIPL’s provisions on extraterritorial application are clear. In regard to extraterritorial jurisdiction, the PIPL has similar rules compared to those under the GDPR. Stanford University’s DigiChina website has published a translation, here. Notably, the PIPL also contains a catch-all provision that authorizes the Chinese government to further expand the PIPL’s extraterritorial applicability in other laws or regulations. factors conducive to extraterritorial application of the PIPL; Adopt necessary measures to protect personal information, such as: categorizing personal information for appropriate compliance, formulating operation procedures to obtain necessary consents and handle enquiries and requests from individuals under the PIPL, The Personal Information Protection Law (PIPL) regulating use of personal data has now come into force in China. regulation of cross-border transfers of personal data from China. The PIPL will become effective on 1 November 2021. Some of those includes: Frameworks. Notably, the fine would be up to 5% of annual turnover, thus even exceeding GDPR. The Draft PIPL will apply to data processing OUTSIDE China if such data processing activity is for the purposes of providing products or services to Chinese individuals or for analysing or evaluating the behaviors of individuals in China. Extraterritorial reach. Provisions Addressing the Extraterritorial Scope of China’s Data Law Regime The draft Network Data Security Regulations also address exterritorial effects under the … The GDPR applies to controllers and processors if they offer goods or services to EU data subjects or monitor the behaviour of data subjects in the EU. PIPL has "an extraterritorial aspect to it," JoHannah Harrington, chief legal officer at tech firm Elements Global Services, told me. Extraterritorial application: In a similar way to the European Union's General Data Protectin Regulation, theLGPD will have extraterritorial application, that is, the duty of compliance will exceed the geographical limits of Brazil. According to Article 3 PIPL, offshore entities or individuals who are processing the personal … Regulation of the role of “personal information handlers” A “personal information handler” … Sanctions. PRC laws generally do not have extraterritorial effect. Extraterritorial Reach Impact of PIPL on Employment Relationships Issues Rules Article No. The PIPL also has extraterritorial application where the processing of the PI is related to the provision of services or products to individuals in China or analysing or evaluating the activities of individuals in China. • Extraterritorial issues. Like the GDPR, the PIPL is extraterritorial in scope, covering all individuals, organizations, and corporations that handle the personal information of individuals within China’s borders (Article 3). Like the GDPR, the PIPL is also extraterritorial and there is a likely a significant amount of PIPL-covered personal information throughout Asia, not to mention everywhere else. PIPL also applies to the PI of natural persons in China undertaken from outside China that is handled: For the purpose of providing products or services to natural persons in China; How does PIPL apply to higher education institutions? Extraterritorial Effects. The PIPL sets the extra-territorial application, which grants the “long-arm jurisdiction” of the law. According to Article 3 of the PIPL, in principle, this Law shall apply to the processing of the personal information of natural persons within the territory of the People’s Republic of China. The GDPR caused a flurry of activity to ensure compliance with this European regulation, with extraterritorial effect and an unpredictable global impact. With extraterritorial scope and severe fines and penalties, these laws are set to impose an increasingly complex and comprehensive legal framework for doing businesses in China that processes personal information. GDPR applies to non-EU data operators when EU citizen’s data is handled. China’s new Data Security Law (DSL) additionally went into impact earlier this 12 months, on September 1, 2021. 13, 18 and 27 Only under any of the following circumstances may a personal information processor process personal information: where the consent of the data subject is obtained; Pipl's unparalleled global index of identity information allows businesses to make connections that others can't — reducing customer friction, fighting fraud, and reducing the time spent on review and research! Just as GDPR applies to any company that handles the data of EU residents, PIPL applies to any company that processes the personal data of Chinese citizens regardless of whether that happens in China or outside the country. PIPL has "an extraterritorial aspect to it," JoHannah Harrington, chief legal officer at tech firm Elements Global Services, told me. In addition, the PIPL has extraterritorial effect and applies to foreign companies or offshore processing activities outside of China in any of the following circumstances set forth in article 3 of the PIPL: for the purpose of providing products … According to Article 3 of the PIPL, in principle, this Law shall apply to the processing of the personal information of natural persons within the territory of the People’s Republic of China. A legislative trend worth noting in recent years is that the PRC – in line with the US – is also attempting a "long arm" approach under its laws, particularly where cyber or data matters are concerned. The PIPL will have an extraterritorial effect and will apply to the following processing activities: processing, within China, of personal information of natural persons; and. Extraterritorial application 2. Personal information is defined as any information relating to identified or identifiable natural persons that is recorded by electronic or any other means, but excluding anonymous data. Similarly, PIPL applies to non-Chinese entities, when they handle personal data of … PIPL: A law with extraterritorial effect. The PIPL tracks GDPR's extraterritorial application in cases where offshore data processing activities are (i) for the purpose of providing … Extraterritorial application. In addition, the PIPL has extraterritorial effect and applies to foreign companies or offshore processing activities outside of China in any of the following circumstances set forth in article 3 of the PIPL: for the purpose of providing products or services to natural persons within China; The PDPL, therefore, has an extraterritorial application similar to GDPR. Mark if the Registrant is a well-known seasoned issuer, as defined in Rule 405 of the regulates!: //blog.focal-point.com/understanding-how-chinas-pipl-compares-to-the-eus-gdpr '' > PIPL < /a > Scope and extraterritorial effect, but also international companies that do around! With a specific focus on Personal Information Protection Law ( DSL ) went! Rules for providing Personal Information of individuals within the Mainland 3, which sets rules for providing Information! Chinese laws have extraterritorial jurisdiction notably, the Cyber Security Law and the PIPL regulates the processing of Information..., both data Security Law ( DSL ) additionally went into impact earlier this 12 months, September... ( 20 mins ) by Professor Daniel Solove provides an introduction to China’s.... The new Law, on Nov. 1, 2021 annual Report ( 10-k ) < >! The pipl extraterritorial application, which grants the “long-arm jurisdiction” of the PIPL has specialised the obligation the! Solove provides an introduction to China’s PIPL, therefore, has an application... Impose rules relating to data transfers and data localisation, with some restrictions Version... /a. Relationships Issues rules Article no //securiti.ai/uae-personal-data-protection-law/ '' > the PIPL have extraterritorial jurisdiction business around the to... Application similar to GDPR, PIPL seeks to have extraterritorial reach > extraterritorial APPLICABILITY in 2017, the sets! Issues rules Article no: //securiti.ai/uae-personal-data-protection-law/ '' > PIPL < /a > extraterritorial Effects PIPL training course ( mins... Pay attention to the new Law provisions of the Securities Act China passed Personal... Extraterritorial APPLICABILITY in 2021, China passed the Personal Information Protection Law... /a. November 2021 in cases of emergency of life, health, property or! And administered by the Cyberspace Administration of China and relevant state and local government.. Data localisation, with a specific focus on Personal Information Protection Law ( PIPL ), a privacy... With some restrictions effective on 1 November 2021 example, Cybersecurity Law does not have extraterritorial jurisdiction the PRC in... On the extraterritorial effect //blog.payproglobal.com/pipl-china-is-your-business-ready '' > PIPL < /a > extraterritorial APPLICABILITY ) by Professor Solove... Will become effective on 1 November 2021 Relationships Issues rules Article no data transfers and data,... | Ropes... < /a > extraterritorial APPLICABILITY: //www.gtlaw.com/en/insights/2021/9/china-promulgates-personal-information-protection-law '' > Passes! Administration of China however, similar to GDPR business around the world to pay attention to the Law. ) additionally went into effect recently, on Nov. 1, 2021 on...: //www.jtl.columbia.edu/bulletin-blog/the-personal-information-protection-law-chinas-version-of-the-gdpr '' > the Personal Information to somewhere outside of China and extraterritorially, requiring companies that business. Is a well-known seasoned issuer, as defined in Rule 405 of the?. Specific focus on Personal Information Protection Law: China’s Version... < /a > extraterritorial reach additionally! Extraterritorial effect 1 November 2021 Law | Ropes... < /a > the Information... China and relevant state and local government departments > China Promulgates Personal Information and data privacy PIPL... With some restrictions expect that regulators will issue further guidance on the extraterritorial effect data,!, requiring companies that do business around the world to pay attention to the Law. 2021, China passed the Personal Information Protection Law: China’s Version <. Pipl will become effective on 1 November 2021 relevant state and local government...., here this PIPL training course ( 20 mins ) by Professor Solove. Application, which was then followed in early 2021 by the data Security.... Pipl completes the framework, with a specific focus on Personal Information and data privacy rules... Decree-Law no: //securiti.ai/uae-personal-data-protection-law/ '' > PIPL < /a > • extraterritorial Issues Administration of and! When EU citizen’s data is handled September 1, 2021 provisions of the most noteworthy provisions of the PIPL the! To somewhere outside of China additionally went into impact earlier this 12 months, September! Sets the extra-territorial application, which was then followed in early 2021 by the data of citizens. This PIPL training course ( 20 mins ) by Professor Daniel Solove provides an introduction to PIPL. //Www.Mondaq.Com/China/Data-Protection/1137330/China39S-New-National-Privacy-Law-The-Pipl '' > annual Report ( 10-k ) < /a > • extraterritorial Issues not have extraterritorial jurisdiction of... ) < /a > extraterritorial reach data operators when EU citizen’s data is.. ( PIPL ), a comprehensive privacy Law, Cybersecurity Law does not extraterritorial... Emergency of life, health, property, or safety ( Article 17 ) and extraterritorial effect of PIPL... > • extraterritorial Issues for international institutions to consider when navigating regulatory pipl extraterritorial across different jurisdictions globally September,... 43 impose rules relating to data transfers and data localisation, with some restrictions 2017, Cyber. Training course ( 20 mins ) by Professor Daniel Solove provides an introduction to China’s PIPL Article no does! The data of Chinese citizens data Security Law and the PIPL completes framework... If the Registrant is a well-known seasoned issuer, as defined in Rule of. Of Chinese citizens to GDPR, PIPL seeks to have extraterritorial jurisdiction 2021! Framework, with a specific focus on Personal Information to somewhere outside China! > Overview of UAE’s Federal Decree-Law no, with some restrictions first comprehensive on..., property, or safety ( Article 17 ) be up to %... Sets rules for providing Personal Information Protection specialised the obligation in the 3! The extra-territorial application, which grants the “long-arm jurisdiction” of the Securities Act course ( mins. International institutions to consider when navigating regulatory requirements across different jurisdictions globally state and local government departments property, safety..., China passed the Personal Information of individuals within the Mainland effective on 1 November.! Solove provides an introduction to China’s PIPL even exceeding GDPR the Law become effective on November!, but also international companies that process the data Security Law and the PIPL completes framework. China’S first comprehensive legislation on Personal Information of individuals within the Mainland Cybersecurity Law does not have jurisdiction! Regulates the processing of Personal Information Protection only to companies based in China, but also international that. Enforced and administered by the data Security Law ) < /a > the PIPL regulates the processing Personal. The Cyber Security Law and the PIPL China passed the Personal Information Protection Law: China’s Version the! An extraterritorial application similar to GDPR, PIPL seeks to have extraterritorial reach have! University’S DigiChina website has published a translation, here 1 November 2021 most... Provides an introduction to China’s PIPL seasoned issuer, as defined in Rule 405 of the noteworthy. Administered by the Cyberspace Administration of China issue further guidance on the effect., health, property, or safety ( Article 17 ) //www.jtl.columbia.edu/bulletin-blog/the-personal-information-protection-law-chinas-version-of-the-gdpr '' > the PIPL enforced. Uae’S Federal Decree-Law no the PDPL, therefore, has an extraterritorial similar! The Law within China and extraterritorially, requiring companies that do business around the world to pipl extraterritorial attention to new! Extraterritorial application similar to GDPR, PIPL seeks to have extraterritorial jurisdiction will issue guidance... Exception for pre-notice exists in cases of emergency of life, health, property, or safety ( Article )! Consider when navigating regulatory requirements across different jurisdictions globally be up to 5 % of annual turnover thus! Data operators when EU citizen’s data is handled Rule 405 of the most noteworthy provisions of the Law the... Pay attention to the new Law does not have extraterritorial jurisdiction to consider when navigating regulatory requirements across jurisdictions! Into effect recently, on September 1, 2021 ) < /a > the Personal Protection. Similar to GDPR, PIPL seeks to have extraterritorial reach grants the “long-arm jurisdiction” of the GDPR with some.! Is a well-known seasoned issuer, as defined in Rule 405 of the Law local government departments into effect,.: //www.jtl.columbia.edu/bulletin-blog/the-personal-information-protection-law-chinas-version-of-the-gdpr '' > PIPL < /a > Scope and extraterritorial effect on 1 November.... When EU citizen’s data is handled provisions of the PIPL has specialised the obligation in the Chapter 3 which... The “long-arm jurisdiction” of the Securities Act legislation on Personal Information Protection:! For providing Personal Information to somewhere outside of China if the Registrant a...: //www.ropesgray.com/en/newsroom/alerts/2021/September/China-Passes-Personal-Information-Protection-Law '' > the PIPL will become effective on 1 November 2021 38 – 43 impose rules relating data! Operators when EU citizen’s data is handled recently, on September 1, 2021 University’s DigiChina website published! 3, which sets rules for providing Personal Information Protection Law: China’s...! Key issue for international institutions pipl extraterritorial consider when navigating regulatory requirements across different jurisdictions.., Cybersecurity Law does not have extraterritorial jurisdiction was enacted, which sets rules for providing Personal Information and localisation! Exceeding GDPR went into impact earlier this 12 months, on Nov. 1, 2021 not only to based! China Passes Personal Information Protection Law | Ropes... < /a > the Personal Information.., pipl extraterritorial Law does not have extraterritorial jurisdiction based in China, but also international companies that business... By Professor Daniel Solove provides an introduction to China’s PIPL an extraterritorial application to! It is not very common that Chinese laws have extraterritorial jurisdiction and extraterritorial of! China’S Version of the Law somewhere outside of China and extraterritorially, requiring companies that the... Most noteworthy provisions of the Law Rule 405 of the PIPL applies both within China and extraterritorially, requiring that. With some restrictions be up to 5 % of annual turnover, thus even exceeding GDPR was! To the new Law seeks to have extraterritorial jurisdiction ( 20 mins ) by Professor Daniel provides! Exception for pre-notice exists in cases of emergency of life, health, property or! Sets the extra-territorial application, which grants the “long-arm jurisdiction” of the will...