Cybersecurity & Data Protection
Our cybersecurity and data protection team is a forerunner and industry leader in China, with a wealth of experience in various fields such as cybersecurity, data security, and personal information protection. In addition to hands-on practice, our team has long been active in academic and legislative activities, most notably the research on and drafting of the Cybersecurity Law, the Regulations on Protection of Critical Information Infrastructure (draft for comments), the Data Security Law (draft), the Personal Information Protection Law (draft), and a series of supporting regulations of Cyberspace Administration of China (CAC). By closely cooperating with data compliance experts worldwide, we can offer our clients one-stop services for global data compliance. Having handled numerous mandates in this area, we have formed unique methodology for data compliance. Our extensive experience in Internet of Vehicles (IoV), autonomous driving, surveying and mapping, artificial intelligence (AI), cloud computing, big data, Internet of Things (IoT), blockchain, credit investigation, e-commerce, precision marketing, face recognition, online payment, IPO, etc. has equipped us with great acumen to help our clients navigate and respond to challenges in complex legal and regulatory settings. Our clients operate in a variety of industries, including finance, automotive, IT and internet, telecoms, life sciences and big health, media, energy, aviation, agriculture, chemical industry, and manufacturing.
Scope of Services
Data Element Policy Research and Data Transaction Mode Designing
Demonstration of data product compliance
Design of public open data models
Digital transformation planning and implementation support
Counseling on and compliance review for digital new infrastructure business
Data Compliance for Businesses Going Offshore
Data compliance risk assessment in major jurisdictions, including but not limited to European Union General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA)
Review of and assistance in drafting privacy policies for foreign-related websites/products and terms and conditions applicable to overseas consumers
Formulation of technical measures and organizational measures to protect the rights of data subjects
Analysis and design for routes of cross-border data transfer
Counseling on the appointment of data protection officers (DPOs) and EU representatives
Response to data breach incidents
GDPR and CCPA/CPRA compliance training
Autonomous Driving, AI, Blockchain, IoV, and IoT
Counseling on and compliance review for high-tech business
Algorithm governance framework design
Compliance of surveying and mapping geographic data
Qualification of internet map services
Data compliance framework design
Market access of and comprehensive solutions for IoV and IoT
Internet Finance (ITFIN) and E-commerce
Financial data compliance
Classification of financial data
Protection of rights and interests of financial consumers
Compliance analysis of cross-border transfer of financial data
Compliance governance of e-commerce and large internet platforms
Compliance of new-type e-commerce data
Compliance and protection of e-commerce merchants
Big Data and Cloud Computing
Compliance analysis and compliance model design for cloud service models, such as PaaS, SaaS, IaaS, and BaaS
Compliance for procurement of cloud computing and big data products and services
Market access of and transaction mode designing for telecommunications services
Compliance analysis for new business models, products, and services in collection, use, aggregation, transfer, sharing, etc., of data
Administrative Investigation and Criminal Risk Prevention
Identification of criminal risks associated with cybersecurity and data protection and formulation of related compliance guides
Provision of solutions and participation in emergency response to regulatory investigations and inquiries into cybersecurity issues
Formulation of cybersecurity incident response plans
Protection of Critical Information Infrastructure (CII)
CII preliminary identification
Designing of CII protection system
Equipment procurement and construction management of CII system
Designing of CII security personnel and accountability system
Cybersecurity review
Cybersecurity
Establishment of cybersecurity compliance management system
Cybersecurity multi-level protection scheme
Formulation of business cybersecurity rules
Cybersecurity incident response plan and drill
Implementation of online real-name system
Formulation of rules for procurement of network products and services
Designing of cybersecurity management measures
Cybersecurity compliance training
Commercial cryptography compliance
Listing, Investment, Financing, and M&A
Data compliance due diligence
Risk identification and solutions for pre-listing data compliance
Risk assessment of and response to cybersecurity review
Drafting and revision of the data compliance section of prospectus
Support for response to pre-IPO regulatory inquiries
Support for negotiations on data trade
Data Compliance and Governance
Establishment of enterprise data compliance management system
Drafting and revision of authorization documents (including privacy policies), internal compliance management rules such as corporate data management rules, data processing agreements, etc.
Localization and cross-border transfer of data
Classified and tiered data management
Security assessment of outbound data transfer
Impact assessment of personal information protection
Establishment of mechanisms for responding to requests for personal information subjects
Audit on personal information protection compliance
Personal information security engineering / privacy protection design
Data breach emergency response
Related
Articles
Deals
Awards
Professionals
- Latest
- Most relevant
-
- Office location
-
- Practices
-
Chinese Mainland Capital MarketsHong Kong & Overseas Capital MarketsInvestment/M&A & Corporate GovernanceCross-border Investment/M&AConstruction & Project DevelopmentFinancingDebt Restructuring & Non-performing AssetsTaxation & Wealth PlanningPrivate Equity & Investment FundsFinancial Products & TrustsLitigation & ArbitrationWhite Collar Crime & Criminal ComplianceBankruptcy-Insolvency & ReorganizationShippingCompliance & InvestigationAntitrust & CompetitionTrade Compliance & Trade RemediesCustoms & Import/ExportLabor & EmploymentHealth-Safety and Environmental ProtectionIP Licensing & EnforcementTrademark ProsecutionPatent ProsecutionCybersecurity & Data Protection
-
- Industries
-
Real EstateUrban InfrastructureTransportation & LogisticsTourism & HospitalityEnergy & PowerMining & Natural ResourcesBanking & Financial ServicesInsuranceFinancial Innovation & FintechTelecommunications & InternetInformation & Intelligence TechnologyHealthcarePharmaceuticals & Life SciencesEducation & TrainingMedia-Sports & EntertainmentNational Defense & Military IndustryRetail & Consumer ProductsIndustry & ManufacturingAgriculture & Food
-
Language
-
Jurisdiction
-
ChinaChina (Hong Kong SAR)UKJapanFranceCanadaKazakhstanCalifornia, USANew York, USANew Jersey, USAWashington, D.C., USAWashington, USAWisconsin, USAGeorgia, USAOregon, USAMinnesota, USANorth Carolina, USAColorado, USAPennsylvania, USATexas, USA澳大利亚新(xīn)南威尔士州China (Taiwan SAR)New South Wales, Australia
-
-
-
Grace LI
Non-equity Partner
ShanghaiPractices: IP Licensing & Enforcement,Cybersecurity & Data Protection -
Grace LI
Non-equity Partner
Shanghai
-
