cross-posted from: https://lemmy.ml/post/69725
The law will be applicable to data processing activities and security supervision within China’s territory. Data processing activities outside China’s territory that harm China’s national security, public interests will be pursued for legal responsibility in accordance with the law.
The provisions of the Cybersecurity Law apply to the security management for exporting data collected or produced by the operators of critical information infrastructure inside China’s territory, according to the law.
Besides this, China will establish a “centralized, unified, efficient and authoritative” mechanisms for data security risk assessment, reporting, information sharing, monitoring and early warning, according to the law.
For international companies like Tesla, the law means localization of the data. For example, as Tesla sets up factory in China, the data generated will be kept in China, and be subject to supervision of related cyber data regulator, Zhu Wei, a communications researcher at the China University of Political Science and Law in Beijing who specializes in cyberspace security, told the Global Times on Friday.
According to the new data security law, those who violate it, like provide important data to overseas actors, may face fines of no less than 100,000 yuan ($15,660) but no more than one million yuan; but if circumstances are more serious with core state data being mishandled or national sovereignty being endangered, a fine may be issued up to 10 million yuan and their business or business license may be suspended or revoked.