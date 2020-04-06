OneTrust DataGuidance is pleased to announce the release of the GDPR v CSL and Specification Comparing Privacy Laws report, which provides a means of analysing and comparing data protection requirements and recommendations under the GDPR and in Chinese legislation.

The Report, produced in collaboration with Chen & Co. Law Firm, examines legally binding obligations under China’s most significant pieces of data protection legislation, as well as non-binding recommendations as set out in the Personal Information Security Specification. The scope, main definitions, legal bases, data controller and processor obligations, data subject rights, and enforcement capacities set out by these provisions are detailed and compared with the requirements laid out under the GDPR. While the Cybersecurity Law (‘CSL’) is largely inconsistent the GDPR, the non-binding recommendations under the Specification bear a greater degree of similarity while also presenting nuanced differences and an alternative perspective to data protection.

Key takeaways:

Consent is a main pillar of personal data protection in both the EU and China

The right to be informed is enshrined in both approaches to data protection

Data security requirements are set out in detail

Sanctions and enforcement actions are provided for, although in different degrees

The Specification corresponds in nuanced ways with the GDPR in several areas: Key definitions Records of data processing DPIAs DPOs Data subject rights



Download the report HERE.