by Patrick F. Stokes, Oliver Welch, Nicole Lee, Ning Ning, Kelly S. Austin, Judith Alison Lee, Adam M. Smith, John D.W. Partridge, F. Joseph Warin, Joel M. Cohen, Ryan T. Bergsieker, Stephanie Brooker, John W.F. Chesley, Connell O’Neill, Richard Roeder, Michael Scanlon, Benno Schwarz, Alexander H. Southwell, and Michael Walther
The People’s Republic of China is clamping down on the extraction of litigation- and investigation-related corporate and personal data from China—and this may squeeze litigants and investigation subjects in the future. Under a new data security law enacted late last week and an impending personal information protection law, China is set to constrict sharing broad swaths of personal and corporate data outside its borders. Both statutes would require companies to obtain the approval of a yet-to-be-identified branch of the Chinese government before providing data to non-Chinese judicial or law enforcement entities. As detailed below, these laws could have far-reaching implications for companies and individuals seeking to provide data to foreign courts or enforcement agencies in the context of government investigations or litigation, and appear to expand the data transfer restrictions set forth in other recent Chinese laws.[1]