Search Icon White
News Cover Image

China Publishes New Provisions on Cross-border Data Flow Administration with Exemptions on Security Assessment and Certification


ANSI Analysis of New Provisions Available for Members

On March 22, 2024, the Cyberspace Administration of China (CAC) published the Provisions on Promoting and Regulating Cross-border Data Flows to support the implementation of the Cybersecurity Law, Digital Security Law, and Personal Information Protection Law (PIPL).

Taking effect immediately, this new policy addresses some of the key concerns on transferring data abroad that multinational corporations had raised during the public comment solicitation. It also provides six scenarios where data processors can be exempted from the stringent assessment and certification requirements, including data generated and collected in international trade or academic cooperation, and personal information in cross-border human resources management or emergency situations. It is expected to reduce the compliance burden on companies and impose less regulatory control on the cross-border transfer of non-sensitive and non-important data and personal information.

To assist members in understanding the provisions, ANSI has developed an analysis that highlights several items related to standards and conformity assessment. ANSI members can access the analysis, as well as an English translation of the text and other useful resources, here with login credentials.

For more information or questions for the ANSI China Program, please contact [email protected].


Jana Zabinski

Senior Director, Communications & Public Relations


[email protected]

Beth Goodbaum

Journalist/Communications Specialist


[email protected]