China gives businesses 19 months to comply with controversial cross-border cyber data rules


China will delay enforcement for 19 months of part of its controversial cybersecurity law, after vigorous complaints from foreign businesses.

The Cybersecurity Law takes effect from Thursday but the Cybersecurity Administration, the government body responsible for overseeing it, said a grace period would be given for businesses to comply with cross-border data transfer regulations. That period starts ­on June 1 and continues until the end of next year.

The law was passed in November to “defend cyberspace sovereignty, national security and public interests”, according to the central government. But foreign companies and governments complained the law set unfair barriers, ran counter to World Trade Organisation rules, and lacked compliance details.

Michael Chang, vice-president of the European Union Chamber of Commerce in China, said some key areas of the law would have a huge impact on the way business was done on the mainland. “There are [still] uncertainties and unclarified terms,” Chang said.

Read more at SCMP