Chinese Data Privacy Law’s Arduous Requirements Companies with business interests in China or who regularly use legal translation services should take note: as of March 1st, 2023, the grace period for the Personal Information Protection Law (PIPL) officially ended. Though the law was initially enacted on November 1st, 2021, China permitted a grace period for companies to achieve compliance. PIPL is a data privacy law similar to Europe’s General Data Protection Regulation (GDPR) law. The law creates restrictions and requirements for companies transferring data outside China. Processors of “personal information” (as defined by the law) must: Gain informed consent from data subjects Perform a PI protection impact assessment Fulfill one of three requirements: Complete a CAC (Cyberspace Administration of China) security assessment Obtain a CAC-approved certification from specified professional institutions Enter into data transfer agreements consistent with the CAC agreement template with all overseas data recipients Complete a CAC (Cyberspace Administration of China) security assessment Obtain a CAC-approved certification from specified professional institutions Enter into data transfer agreements consistent with the CAC agreement template with all overseas data recipients Many comparisons suggest PIPL is notably more stringent than its European counterpart for a few reasons. Firstly, it offers fewer sanctioned transfer mechanisms for personal information to another country or international organization. Secondly, PIPL imposes cross-border data transfer restrictions depending on the status of the organization transferring data. Statuses are based on how much information is processed and whether organizations operate critical information infrastructure. Consequences and Compliance Challenges Noncompliance with PIPL will be painful and costly for companies and their lawyers. The Cyberspace Administration of China (CAC) announced these penalties: Fines of up to RMB 50 million (around $7 million USD) 5% of the most recent company annual revenue Forfeiture of illegal gains Suspension of business operations Revocation of business licenses Fines for individuals directly responsible/involved in the violation up to RMB 1 million (approximately $143,833 USD) Potential criminal liability for more serious violations Disclosure of violations on credit records and publicly Companies and their legal counsel should note the grace period ended on March 1st, 2023. Obtaining approval from the CAC to transfer data from China hasn’t been a popular route for businesses. Organizations that applied for approval have been largely unsuccessful. As of February 22nd, 2022, only two companies obtained formal authorization to transfer data outside China from the CAC. Lionbridge’s Legal Translation Services Solutions Companies (and their legal counsel) needing to transfer data in a manner subject to PIPL should consider working with Lionbridge. With our offices in China, deep network of linguistic experts, expertise in legal document translation and certified translation, and cutting-edge technology, we can customize solutions for companies and their lawyers. Our clients rely on our innovative workflows and highly skilled linguists to handle complex legal translations — all within China. Data will never have to be exported from the country. This approach allows our clients to avoid triggering the labor-intensive compliance requirements of PIPL. Lionbridge’s legal translation service experts can customize solutions to meet deadlines and security needs. We have decades of experience protecting our clients’ sensitive information and meeting tight timelines for court dates, compliance requirements, etc. Lionbridge also has technology and workflows to provide language support for a high volume of documents and other materials. Get in touch. Need assistance supporting your clients this year? Lionbridge offers fast, reliable, top-tier legal translation and legal interpretation services. You can rely on our 25-plus years of experience, deep legal and language expert network, and innovative technology. We’re experienced in providing translation services for litigation, investigations, arbitration, e-Discovery, and more. Contact us today.