Download this Paper Open PDF in Browser

Data Localisation in China and Other APEC Jurisdictions

(2016) 143 Privacy Laws & Business International Report, 22-26

UNSW Law Research Paper No. 11

9 Pages Posted: 10 Jan 2017 Last revised: 24 Feb 2017

Scott Livingston

Simone IP Services (SIPS)

Graham Greenleaf

University of New South Wales, Faculty of Law

Date Written: September 29, 2016

Abstract

Data localisation provisions are becoming commonplace around the world, not just in Russia. In many of these countries, local data protection laws may require that certain categories of data must be stored and processed on local servers within the country. Such provisions may require that some or all categories of personal data may only be stored and processed on local servers, or they make their export subject to conditions. Both types of provision may be called ‘data localisation’. Such laws are controversial.

The proposed Trans-Pacific Partnership (TPP) treaty between some APEC member countries includes onerous requirements on any Parties which have (or are considering) data localisation laws.

The focus of this article is the data localisation requirements which are now emerging in China, an APEC member even though it has not proposed to become a party to the TPP. As yet, China's data localisation laws are only sectoral. Another version may soon be enacted in the Cybersecurity Law (nearing finalisation), which requires that “critical information infrastructure” (“CII”) providers to store “citizens’ personal information and important business data” within China unless their business requirements require overseas storage and they have passed a security assessment regarding such storage and transfer. Such a provision will have significant implications for many foreign businesses operating in China.

Among APEC jurisdictions, China is not alone in adopting data localisation requirements. As well as the obvious example of Russia’s very sweeping law, they are found in at least Indonesia and Vietnam in very general forms, and in Canada and Australia in sector-specific forms. These are also explained in this article.

Keywords: privacy, data protection, localisation, China, Asia-Pacific

Suggested Citation

Livingston, Scott and Greenleaf, Graham, Data Localisation in China and Other APEC Jurisdictions (September 29, 2016). (2016) 143 Privacy Laws & Business International Report, 22-26; UNSW Law Research Paper No. 11. Available at SSRN: https://ssrn.com/abstract=2895610

Scott Livingston

Simone IP Services (SIPS) ( email )

25th Floor, 3 Lockhart Road
Hong Kong
Hong Kong

Graham Greenleaf (Contact Author)

University of New South Wales, Faculty of Law ( email )

Sydney, New South Wales 2052
Australia
+61 2 9385 2233 (Phone)
+61 2 9385 1175 (Fax)

HOME PAGE: http://www2.austlii.edu.au/~graham

Paper statistics

Downloads
158
Rank
158,586
Abstract Views
508