Kent Woo

New Rules on Protection of Trade Secrets

On 23 April 2019, the Standing Committee of China’s People’s Congress passed an amendment to the Anti-Unfair Competition Law (“AUCL“), effective immediately, signifying China’s aim to further strengthen the protection of trade secrets. The AUCL is the main law in China providing for trade secret protection as China currently does not have a specific trade secret law.

In close relation to the AUCL, the new Foreign Investment Law (“FIL”), promulgated on 15 March 2019, also provides for increased protection of trade secrets, requiring authorities to keep confidential any trade secrets of foreign investors and foreign-invested enterprises that they learn during the performance of their duties and sets out punishments for unauthorized and unlawful disclosures. The changes in these laws evidence a further step towards providing stronger trade secret protection for foreign investors doing business in China.

The amendment to the AUCL includes seven major changes to its trade secret provisions:

1. Amendment to the Definition of Trade Secrets

The previous version of the AUCL limited the definition of trade secrets to technological and business operational information which is not known to the public and has commercial value. However, under the new amendment all types of commercial information may be regarded as trade secrets, giving companies more flexibility to implement measures to protect valuable information related to their business.

2. Electronic Intrusion is Considered as a Method of Trade Secret Infringement

As technology improves, stealing trade secrets through hacking becomes more and more common. Under the new amendment, hacking, or other forms of improperly obtaining trade secrets through electronic intrusion, are methods included in the list of actions the AUCL considers as infringement of trade secrets.

3. Violation of Confidentiality Obligations Could Also be Regarded as a Violation of Trade Secrets

The violation of trade secrets is no longer limited to the existence of a non-disclosure agreement. In practice, some companies may not have these agreements, nor do they specify the details of confidential information in agreements with their employees or senior management. The new amendment to the AUCL changes “violation of an agreement” to “violation of confidentiality obligations” (statutory confidentiality obligations are stipulated in Chinese law, specifically in the Company Law and the Contract Law), thereby expanding the range of potential infringing subjects and helping companies to better protect their legal rights regarding confidential information in the absence of a non-disclosure agreement.

4. Those Abetting, Seducing or Assisting Others in Trade Secret Infringement Could be Regarded as Joint Infringers

The amendment also expands its characterization of infringement. Legislators have found it to be quite common for competitors to abet, seduce or assist employees of other business operators to engage in trade secret infringement. While such competitors do not directly commit the infringement themselves, their behavior may now be regarded as such.

5. Expansion of the Scope of Infringers to Include All Individuals and Entities

Prior to the new amendment, only “business operators” could be regarded as infringers. The amendment expands the scope of those who could be considered infringers to include all individuals and entities who steal or leak trade secrets from the company. Therefore, employees and former employees who are not, strictly speaking, business operators are now considered potentially liable under the new amendment. This is a significant change since a lot of trade secret infringement in China is committed by employees and former employees.

6. More Serious Punishments

There are three major modifications to the provisions concerning the liability of those in violation of this law.

First, the act of “maliciously” committing trade secret infringement is now punishable with one to five times the amount of damages, with the degree of “maliciousness” determined by the claimant’s direct evidence. Although the amendment does not define “malicious infringement,” in practice, a claimant’s continuous submission of Letters of Demand to the infringers could be considered evidence to prove the maliciousness of the infringer. Second, the statutory damage for trade secret infringement has been raised from RMB 3 million to RMB 5 million. And third, the new amendment includes as a punishment the confiscation of illegal income gained from the trade secret infringement. The maximum fine has also been raised from RMB 500,000 to RMB 1 million under normal circumstances, and from RMB 3 million to RMB 5 million under serious circumstances.

These modifications aim to encourage owners of trade secrets to take action to safeguard their legal rights. Previously, owners of trade secrets were put in a precarious situation where the amount of damages they could legally claim against an infringer was less than the amount of money they would need to spend on legal fees. However, under the new amendment a higher amount of damages can be claimed and other punishments have been introduced to serve as an extra deterrent against infringers.

7. Reducing Burden of Proof Difficulties for Owners of Trade Secrets

The previous version of the AUCL set difficult standards for owners of trade secrets to protect their rights. Foreign investors who brought trade secrets into their business in China faced high burdens of proof, and often lacked the evidence to show that their trade secrets were indeed trade secrets, or whether another party had committed an infringement against their company.

The new amendment now requires that the owner provide prima facie evidence to prove that it has adopted confidentiality measures and to “reasonably indicate” that its trade secrets have been misappropriated. The alleged infringer will then be required to prove that the trade secrets do not meet the definition of trade secrets under the AUCL.

The burden of proof also shifts to the alleged infringer if the owner of the trade secrets can show (prima facie) that the trade secrets have been infringed upon. The owner can evidence this by demonstrating that the alleged infringer has ways to obtain the trade secrets; that the information used by the alleged infringer is substantially similar to the trade secrets; or that the trade secrets have been disclosed, used or have the possibility of being disclosed or used.

The reduction in the burden of proof for owners of trade secrets is an important change with regard to the protection of trade secrets in China. Not only does it serve to deter potential infringers, but it provides a greater ease to owners in enforcing their legal rights.

Concluding Remarks

The new amendment to the AUCL in conjunction with the new FIL is an active step by the Chinese government to provide stronger trade secret protection for foreign investors doing business in China, which in turn creates a better business environment. Foreign companies will be able to expand their business in China with peace of mind that their trade secrets and confidential information will receive the proper protection in the Chinese legal system.

2018 Draft Foreign Investment Law Deleted Provisions Related to “Variable Interest Entity” Structure

On 26 December 2018, a draft foreign investment law (“2018 Draft”) was released for soliciting public opinion. Once adopted, this unified foreign investment law will replace three existing laws that regulate joint ventures and wholly foreign-owned enterprises.

The 2018 Draft is not the first attempt to unify China’s foreign investment related laws.  The first attempt was the draft foreign investment law released in January 2015 (“2015 Draft”). Compared with the 2015 Draft, the 2018 Draft is much shorter, with only 39 articles, and, in particular, has deleted those provisions related to a Variable Interest Entity (“VIE”). 

The VIE is a business structure which is widely used by Chinese companies and some foreign investors in certain business sectors that are “strategic” or “sensitive” and have restrictions on foreign investment in China. By using a VIE structure, a wholly foreign-owned enterprise (WFOE) could exercise de facto control over a domestic company that is licensed to operate in a restricted industry through a series of contractual arrangements entered into between the WFOE and the Chinese company.

In the 2015 Draft, the definition of “foreign investment” includes, but is not limited to, the activity of “controlling any [Chinese] domestic company or holding interests in any domestic company by contract, trust or other means”. The 2015 Draft also defines the term “de facto controller”, which refers to “natural persons or enterprises that directly or indirectly control any foreign investor or foreign-invested enterprise”. These definitions include VIEs in their scope and therefore extend the restrictions on foreign investment to VIEs. If the 2015 Draft had been adopted, it would be highly unlikely for VIEs to be able to circumvent the restrictions imposed by Chinese law.

In the 2018 Draft, however, the definition of “foreign investment” is vaguer. This is partly due to the removal of the activity of “controlling any [Chinese] domestic company or holding interests of any domestic company by contract, trust or other means” from the definition of “foreign investment”, as well as the removal of the term “de facto controller” and its related clauses. This means that if the 2018 Draft is adopted, the restrictions on the VIE structure will likely remain unclear.

That being said, it is also possible that restrictions on the VIE structure will be piloted in certain specific “sensitive” industries, for example, non-government funded education. In the draft implementation rules of the non-governmental education promotion law released in October 2018, “protocol control” is prohibited in non-profit private schools. If the prohibition on “protocol control” is finally approved by the State Council, it is likely that restrictions on the VIE structure will be extended to other industries or even to all foreign investment in China.

According to the most recent news, on 29 January 2019, the second version of the 2018 Draft was submitted to the Standing Committee of the National People’s Congress for further review. As the second version has not yet been released, the details of the revisions are currently unknown.

Preventing Labour Disputes in China: The Importance of the Employee Handbook

Labour disputes in China have increased dramatically in recent years.  According to the 2016 China Labour Statistical Yearbook, labour dispute cases accepted for labour arbitration in China rose from 135,206 in 2000 to 813,859 in 2015, an increase of 502 per cent over 15 years.  The reasons for this increase include changes to Chinese labour laws that better protect employees, an improved and more efficient labour arbitration process, an increasingly informed workforce, and the recent economic slowdown in China.  It is therefore critical for employers in China to have in place effective mechanisms to prevent or at least minimise the potential for labour disputes.  One way is by having a well-crafted employee handbook (also referred to as a staff handbook, staff manual, or company code of conduct). 

What the Employee Handbook is and Why it is Important

The employee handbook is a document provided by the company to employees before they start their employment, and contains information on company culture, rules, regulations, and procedures, as well as the rights and duties of employees.  It is essentially the governing law of the company.  While an employee handbook is not mandatory for employers under Chinese law (unlike labour contracts), it is essential for protecting employers against labor disputes with employees.  This is particularly the case, for example, if an employer wants to terminate an uncooperative or rebellious employee for violating company rules and regulations (contained within the handbook) without being legally obliged to pay them severance pay or reinstatement them to their position.  If an employer does not have an employee handbook, however, then it is very difficult to legally terminate, let alone discipline, an employee for inappropriate behaviour, or even for doing something terrible that harms the company (e.g., intentionally damaging company property, stealing from the company, or selling confidential company information to a competitor).

Best Practices for Formulating the Employee Handbook

The employee handbook must firstly be clearly understood by all employees.  This means that it not only needs to be a reasonable length and not overly convoluted; it also means that it needs to be bilingual (i.e., in Chinese and mostly in English), and this is particularly the case for foreign companies with Chinese employees.  Without a Chinese version of the handbook, it is highly likely that a labour arbitration commission or court will rule that it is invalid and therefore unenforceable because the employees were unable to understand it.  While an English version isn’t as important in a legal sense, it is important for foreign employers to refer to for the purpose of making key employee-related decisions, particularly when it concerns termination.

It is also important that the employee handbook used in the foreign company’s home country headquarters not be directly translated into Chinese for use in its China subsidiary.  It needs to be tailored for the Chinese market and to ensure compliance with China’s constantly changing labour laws.  If a provision in the handbook violates Chinese law and it was used as a basis to terminate an employee, a labour arbitration commission or court will most likely deem it as unlawful termination and rule in the employee’s favour.  It is therefore critical that employers regularly review their handbook to ensure that it remains compliant with the law.

The employee handbook should avoid subjective and ambiguous rules.  An example of such a rule is one which simply states that being late or absent from work without good reason is a terminable offense.  Here, it is important to clarify the number of late arrivals which constitute a serious violation justifying termination.  Terminating an employee for being late once would most likely be considered unreasonable by a labour arbitration commission or court, and thus be considered unlawful termination.

The employee handbook should also make references to employees’ labour contracts.  This will greatly strengthen an employer’s position if an employee violates a rule or regulation contained in the handbook.  For example, employers should include a clause in the labour contract stating that the employee must comply with the rules and regulations of the employer, otherwise the employee may be disciplined or terminated.

Perhaps the most critical thing about the employee handbook, though, is that when formulating the rules and regulations contained within it, employers have a legal obligation, specifically under Article 4 of China’s Labour Contract Law (In Chinese: 中华人民共和国劳动合同法) (“LCL”), to have “consultations” with all employees or the employee representative council about those rules before making a final decision.  This is particularly crucial when such rules “have a direct bearing on the immediate interests of employees, such as labour remuneration, working hours, rest and vacation, occupational safety and hygiene, insurance and welfare, training, labour discipline and labour quota management”.  The consultation procedure is usually achieved through a meeting or several meetings.

Article 4 of the LCL also requires that the employer make public or inform employees of the rules and regulations as well as decisions on important matters.  Common practice here is for the company to publicly post on its bulletin board or share on its internal IT network an Implementation Notice and the final version of handbook.  These documents should also be sent to all employees in both hard copy form and via email.  During this process everything should be signed, witnessed and properly recorded.  If this consultation procedure is not followed properly or at all, then a labour arbitration commission or court will most likely rule that the handbook rules are invalid and unenforceable.

While ideal, it is not mandatory for the employer to obtain every employee’s explicit consent for them to be bound by the handbook rules and regulations.  The employer is also not required to agree to or accept employees’ comments, although it should document and record how it considered and responded to such comments.  Additionally, the consultation procedure is not required for new employees joining the company after the procedure has occurred.  However, all new employees must review and sign a copy of the handbook along with their labour contract before they start their employment.  If an employer ever gets into a dispute with one of its employees, and there is no written proof that the employee received the handbook and agreed to be bound by its contents, there is every chance that the employee will claim that they never received it.  In this situation, a labour arbitration commission or court would likely rule that the handbook rules and regulations are not binding on the employee.  In most cases, the burden of proof lies with the employer in China-related labour disputes.

Recommended Content for the Employee Handbook

Chinese law does not state specifically what needs to be included in the employee handbook (unlike labour contracts).  This is left up to the company to determine. However, every employee handbook should include information on the following:

  • Behavioural Standards and Disciplinary Procedures
  • Recruitment Standards for Probationary Employees
  • Employee Performance Assessment
  • Workplace Security
  • Working Hours & Overtime
  • Holidays and Leave
  • Remuneration Standards
  • Confidentiality & Non-Compete
  • Social Welfare

It is also beneficial for some companies to include in their handbook specific rules applicable to their industry.  For example, manufacturing companies might include information related to being on time, break lengths, and workplace safety, while restaurants and bars might include provisions on hygiene.  Below we discuss the first three abovementioned points, given that they relate to a crucial reason for having the employee handbook in the first place: employee termination.

Behavioural Standards and Disciplinary Procedures

Article 39(2) of the LCL states that an employer may terminate an employee’s labour contract without prior notice or severance pay if “the employee seriously violates the rules and regulations of the employer”.  Behavioural standards and disciplinary procedures for breaching an employer’s rules and regulations are usually not included in the labour contract; they are normally included in the employee handbook.  Disciplinary action for violations generally involve verbal and written warnings, demotion, and termination (in order of seriousness).  Here, it is critical to include in the handbook a precise explanation of the form of punishment that will be used for each type of misconduct.

To achieve this, the company should differentiate between major and minor violations.  A major violation, such as bribing a government official or selling confidential information to a competitor, can result in immediate dismissal.  A minor violation, such as turning up late to work, would lead to a verbal warning, followed by a written warning if the employee is late a second time.  The employer should also specify how many minor violations constitute a major violation, thereby justifying termination.  It is important to point out here, though, that the employer’s rules and regulations can be challenged during labour arbitration or court proceedings if they are considered unreasonable, particularly the question of whether or not a specific violation is serious enough to warrant termination.  The degree of seriousness will ultimately be decided on a case by case basis during the labour arbitration or court process.

When disciplining employees, it is also critical that the employer ensure that employees know that they have been disciplined.  It is not uncommon for a Chinese employee to claim that they never received a discipline notice.  It is therefore important to carefully collect evidence of handbook violations and maintain discipline records to prove the legitimacy of the termination.

Recruitment Standards for Probationary Employees

Many employers incorrectly assume that they can legally terminate employees during their probation period without giving a reason.  This is incorrect.  According to Article 39(1) of the LCL, an employer may only terminate an employee’s labour contract without prior notice or severance pay if “it is proved that the employee does not meet the conditions of employment during the probation period”.  The employer must provide evidence justifying the termination, including what the conditions of employment are, the employee’s acknowledgment of these conditions, and an assessment of the employee’s performance during the probation period showing that they did not meet the conditions.  If a labour arbitration commission or court considers the evidence to be inadequate, then the employer may be ordered to pay the employee severance pay or reinstate them to their position.

Not meeting the conditions for employment essentially means being “unqualified” for the position.  A definition of unqualified should therefore be included in the employee handbook.  This definition is likely to vary from position to position, and so may need to be amended for each position.

Employee Performance Assessment

When it comes to termination, different rules apply to regular employees who have already passed their probation, but who are, or who have become, incompetent in their positions.  Termination is significantly more difficult for non-probationary employees.  According to Article 40(2) of the LCL, an employer may terminate an employee’s labour contract with 30 days’ prior written notice or with one month’s wages instead of notice if “the employee is incompetent for the position and remains incompetent after receiving training or adjustment of his or her position”.  The employer must be able to prove not only that the employee is incompetent but also that they attempted to rectify the incompetency by offering the employee training or assigning him or her to another position, but that the employee remained incompetent regardless.

Unlike termination of probationary employees, severance pay is required for termination of non-probationary, incompetent employees, even when the employer provides satisfactory evidence of the incompetency.  According to Article 47 of the LCL, severance pay is calculated using two different formulas for two slightly different scenarios:

  1. Salary is less than three times the local average: (employee’s average monthly salary) x (years of service); or
  1. Salary is higher than three times the local average: (three) x (average local monthly salary) x (years of service).

If the employer cannot provide adequate proof that the employee is incompetent, however, then the termination will likely be deemed by the labour arbitration commission or court as unlawful, in which case the employer will be ordered to pay the employee double the above rates (LCL Article 87) or reinstate the employee to his or her position if he or she so demands (LCL Article 48).

Chinese labour laws and regulations are silent on what exactly is required in terms of evidence of incompetency.  Information on this should therefore be incorporated into the employee handbook, including specific performance assessment criteria to determine whether or not an employee is incompetent for the position.  These criteria should be disclosed to all employees, who should confirm their knowledge thereof in writing.

Concluding Remarks

The employee handbook is a critical document for employers, both foreign and Chinese, to have in order to protect against potential labour disputes with employees.  This is particularly the case if an employer wants to legally terminate a troublesome employee for violating handbook rules and regulations.  While one consequence for illegally terminating an employee is having to pay damages that amount to twice the rate of normal severance pay, a new regulation which came into force on 1 January 2017, namely the Measures for Publicising Acts in Material Violation of Labor Protection Laws (In Chinese: 重大劳动保障违法行为社会公布办法), stipulates that employers who materially violate labor protection laws will see their violations publicised on the local government’s official website, as well as in major newspapers, on TV, and through other media (Article 7).  Once publicised, the employer’s violations will become part of their compliance and credit records (Article 10).  It is therefore even more critical than in the past for employers to have a well-crafted employee handbook to make it easier to legally terminate troublesome employees.

China’s Cybersecurity Law: Data Localization and Cross-Border Data Transfers

By now, most people doing business in the People’s Republic of China have become aware of China’s recently enacted Cyber Security Law (In Chinese: 中华人民共和国网络安全法) (“CSL”).  The main aim of the CSL, which came into force last year on 1 June 2017, is to improve national cybersecurity, and to protect Chinese citizens and organizations from cyber-attacks and data theft.  Despite the CSL’s good intentions, however, when the law was promulgated many observers expressed concerns that its provisions were too broadly drafted, and therefore it was unclear in what way and to what extent they would apply to companies with business interests in China.  This was particularly the case with the provisions related to data localization and cross-border data transfers, a key aspect of the CSL.

In an attempt to address those concerns, the Cyberspace Administration of China (“CAC”), the Chinese government agency in charge of enforcing the CSL, released a series of drafts of supporting regulations that flesh out in greater detail, and facilitate the interpretation and implementation of, specific aspects of the CSL.  The drafts of the regulations were circulated by the CAC for public comment last year, but have not yet been officially enacted.

Main Entities Regulated Under CSL and Data Localization Requirements

Key Information Infrastructure Operators (“KII Operators”) and Network Operators are the main two entities regulated under the CSL.  According to Article 37 of the CSL, “personal information” and “important data” (definitions detailed below) collected and generated by entities designated as KII Operators must be stored domestically within China.  “Where it is really necessary to provide such information and data to overseas parties due to business requirements”, the Article further stipulates, “a security assessment shall be conducted in accordance with the measures formulated by the [CAC] in concert with the relevant departments under the State Council”.  This article essentially means that KII Operators may be obliged to use servers in China and to keep their Chinese data separate from their global databases.

Article 31 of the CSL defines key information infrastructure as “infrastructure that, in the event of damage, loss of function, or data leakage, might seriously endanger national security, national economy or the livelihoods of the people, or the public interest”.  The article also provides examples of KII industries and fields, including public communications, information services, energy, transportation, water utilities, finance, public services, and e-government affairs.  According to this definition, some examples of the types of companies that may be considered KII Operators include China’s state-owned banks, telecommunications companies and energy companies.

Article 18 of the draft Regulation for Protection of Critical Information Infrastructure (For Public Comment) (In Chinese: 关键信息基础设施安全保护条例 (征求意见稿)) (“Draft Regulation”), released by the CAC on 11 July 2017, further expands and clarifies the scope of entities that can be considered KII Operators to include, for example, entities in sectors such as science and technology for national defense, large-scale equipment manufacturing, chemical engineering, and food and drugs, among others.  However, whether companies operating in one of the abovementioned sectors will be considered KII Operators remains unclear.  It is expected that further decisions and guidance will clarify exactly what KII is and the types of organizations that are deemed KII Operators.

To provide further clarification on the requirements set out in the CSL for data localization and cross-border data transfers, on 11 April 2017 the CAC released the first draft of the Measures for Security Assessment of Cross-Border Data Transfer of Personal Information and Important Data (For Public Comment) (In Chinese: 个人信息和重要数据出境安全评估办法 (征求意见稿)) (“Draft Measures”).  While this supporting regulation has been useful in some respects in providing more clarity, the requirement to store data domestically in China under Article 37 of the CSL was expanded under Article 2 of the first draft of the Draft Measures to include both KII Operators and Network Operators, adding an extra layer of uncertainty regarding which entities are required to store data domestically in China.

According to Article 76(3) of the CSL, Network Operators refer to “owners, administrators of the network and network service providers”.  This definition appears to encompass almost any company or individual collecting information in China via a network (including the internet).  This led to significant backlash from both foreign and domestic companies with business interests in China.  As a result, the CAC removed the reference to data localization requirements for Network Operators in a second, revised draft of the Draft Measures.  This suggests that only KII Operators would be required to localize their data in China (in line with Article 37 of the CSL). However, under the second draft of the Draft Measures, Network Operators are still required to conduct a security assessment prior to transferring data overseas (detailed below).  In this second draft, the CAC also moved the effective compliance date from 1 June 2017 (the same as the CSL) to 31 December 2018 to provide companies with a grace period of 18 months to comply with the new rules.  According to other industry sources, in August 2017 the CAC apparently made some further small changes in a third draft, but this has not yet been released to the general public.  The third draft will therefore not be referred to for the purpose of this article.

Personal Information and Important Data

According to Article 76(5) of the CSL, “Personal information refers to all kinds of information recorded by electronic or other means that can, independently or in combination with other information, identify natural persons’ personal information, including but not limited to, natural persons’ name, dates of birth, ID numbers, personal biological identification information, addresses, and telephone numbers etc.”  Article 15 of the second draft of the Draft Measures expands this definition slightly to include correspondence and communication contact information, account numbers and passwords, property status, and location and activity information.

The CSL does not define important data.  The Draft Measures, however, does.  According to Article 15 of the second draft of the Draft Measures, “Important data refers to data closely related to national security, economic development and societal and public interests”.  An updated, second draft of the Information Security Technology – Guidelines for Data Cross-Border Transfer Security Assessment (For Public Comment) (In Chinese: 信息安全技术 – 数据出境安全评估指南 (征求意见稿)) (“Draft Guidelines”), an important guiding document which supplements the Draft Measures,provides a more specific definition of important data, as well as comprehensive examples of important data in 27 industries and sectors.

Security Assessment for Cross-Border Data Transfers

Article 6 of the second draft of the Draft Measures requires Network Operators to “conduct security assessments of cross-border data transfers according to the types, amount and importance of the cross-border data transfer”.  Under the second draft of the Draft Measures, and set out specifically in section 4 of the Draft Guidelines, there are two types of security assessments: (1) self-assessments; and (2) assessments carried out by the competent industry regulator or regulatory authority.  Article 8 of the second draft of the Draft Measures requires Network Operators to conduct a self-assessment before transferring data overseas to determine:

  1. The legality, legitimacy and necessity of the transfer;
  2. The quantity, scope, type, and level of sensitivity of the personal information to be transferred, and whether data subjects have consented to such transfers;
  3. The quantity, scope, type, and level of sensitivity of the important data to be transferred;
  4. The security capabilities, measures and environment of the data recipient;
  5. The risk of data leakage, damage, falsification or misuse of data after the transfer overseas and subsequent re-transfer; and
  6. The possible risks to national security, public interests, and individual rights.

According to section 4.2.6 of the Draft Guidelines, Network Operators are required to prepare a report following the completion of the self-assessment, and this should be retained for at least two years.

Under Article 7 of the second draft of the Draft Measures, a security assessment must be conducted by the relevant regulatory authority where the transfer involves:

  1. Data containing or accumulatively containing personal information of more than 500,000 individuals;
  2. Data related to nuclear facilities, chemical biology, national defense or military, population and healthcare etc.;
  3. Data related to large-scale engineering activities, the marine environment, sensitive geographical information;
  4. Data related to the cybersecurity information of key information infrastructure, such as system vulnerabilities and security protection measures;
  5. Other factors that may potentially affect China’s national security, and public interests.

It’s worth nothing that two criteria for the security assessment needing to be conducted by an industry regulator/regulatory authority were removed from the first draft of the Draft Measures: (1) data transfers exceeding 1,000GB; and (2) transfers involving the provision of personal information and important data to overseas recipients from KII Operators.

Penalties

Failure to comply with the CSL can result in harsh penalties for both violating companies and the directly responsible manager(s) or person(s) in charge.  Legal liabilities are specified in Article 59 through to Article 75 of the CSL.  For Network Operators, fines range from RMB 10,000 to 500,000, and for the directly responsible manager(s) or person(s) in charge, from RMB 5,000 and 100,000, depending on the article breached.  KII Operators, however, are subject to harsher penalties, and can be fined between RMB 50,000 and 1,000,000, and the directly responsible manager(s) or person(s) in charge, between RMB 10,000 and 100,000, depending on the article breached.  Additionally, penalties for all entities regulated under the CSL may also include the suspension of business operations, having the relevant business licenses or permits revoked, and potentially even being detained and serving a period of detention.

Concluding Remarks

While the CSL has already come into force, the Draft Measures, the Draft Guidelines and the Draft Regulation are still in draft form and haven’t yet been officially enacted.  With respect to the Draft Measures, while the second draft is the most up to date version available publically, and while reference has been made to a third draft by other industry sources, it is possible that there is an even more recent version which has not yet been released to the public.  As a result, there will still be uncertainty with regards to data localization and cross-border data transfers until the Draft Measures, the Draft Guidelines and the Draft Regulation are finalized.  It is expected that they will be finalized soon, and therefore both foreign and domestic Chinese companies should keep up to date with these legislative developments and prepare themselves for compliance with the new rules.

Enforcement of Foreign Judgments in China

It is reported that investors in China directly invested into non-financial industries in over 164 countries and regions worldwide, with total investment up to US$ 170 billion and maintained a trade volume of over RMB 24 trillion in 2016.  With the dynamic interaction between China and other countries, enforcement of foreign judgments in China has practically become more and more significant. 

Under the Civil Procedure Law of the PRC, it is possible to enforce foreign judgments in China according to applicable treaties or the principle of reciprocity.  Judgments from Taiwan, Macau and Hong Kong however can be enforced in China under reciprocal enforcement arrangements respectively.  It should also be noted that the foreign judgments on divorce, but not on the monetary issues involved in divorce, are generally enforceable in China in the absence of treaty arrangement or reciprocity. 

China has yet to enter into treaties for recognition and enforcement of judgments with its major trading and investment partners, including England, Japan, Germany, Australia and the USA, but with around 30 smaller countries, mostly developing. 

As such, any case based on reciprocal relationship has been intensely reviewed and interpreted in legal profession.  In fact, there is no official interpretation, either legislative or judicial, on the definition of reciprocity and the basis of the application. It is generally understood that a Chinese court will consider whether there is any precedent indicating reciprocity.  In other words, a Chinese court may recognize and enforce the judgment of a foreign country only if the foreign country in question has recognized and enforced the judgment issued by Chinese courts before.  In practice, the Chinese courts have traditionally adopted a conservative approach in enforcing foreign judgments on the basis of reciprocity. 

On the other hand, it is reported that many foreign countries started to recognize and enforce the judgments from China, notably German, the USA, Israel, and Singapore.  Due to this, the foreign judgment is gradually becoming enforceable in China.  The most recent case is the decision made by a court in Nanjing in December 2016, where the court recognized and enforced the judgment relating to a commercial matter rendered by the Supreme Court of Singapore on 22 October 2015 on the ground of the principle of reciprocity.  This decision is deemed a positive development although case laws are not applied in China.  In addition, according to a speech made by a judge in the Supreme Court of China in 2016, Chinese courts may consider enforcing the judgment of a foreign country which has not recognized and enforced the judgment issued by Chinese courts before, but intends to do so.

A foreign judgment should be final and conclusive and should not violate the basic morals and principles of PRC law, state sovereignty, national security, and public interest in order to be enforced in China.  The eligible parties to apply for enforcement are either the party who received the judgment or the foreign court that rendered it. The application should generally be filed within two years from the issuance of the judgment to the intermediate court which should have proper jurisdiction, i.e. over the property to be enforced against.

It is still uncertain if other Chinese courts will follow the approach of the court in Nanjing.  Unless the Chinese defendant has assets in a foreign jurisdiction outside China or there is a clear record of “reciprocity” in such foreign jurisdiction, it is highly advisable to consider other approaches rather than litigating outside China.  These approaches include: 1) international arbitration given the New York Convention ratified China, 2) litigation in Hong Kong according to the Arrangement on Reciprocal Recognition and Enforcement of Judgments in Civil and Commercial Matters, and 3) litigation in China.