As readers of this blog know, China has been increasingly active in proposing new cybersecurity and privacy regulations. In late 2015, China enacted a new counter-terrorism law.  In August 2015, it issued a draft network security law.  Also last summer, China issued new draft regulations on Internet advertising and clarified requirements for text marketing.  And, of course, China’s Internet regulator announced that China will move forward with new legislation on the protection of personal information.

In keeping with this whirlwind of activity, China now is moving ahead with a new cybersecurity and privacy framework that will focus on data localization, regulations on cross-border data transfer, and require security reviews of network products and services. Tim Stratford, the managing partner of Covington’s Beijing office, and his colleague Yan Luo recently published an article in Law360 explaining the three ways in which cybersecurity regulation in China is likely to change.  That informative article now is available to readers of this blog on Covington’s website at  We hope that you find it useful.