On the morning of September, the first lecture of this year’s “IP Rights Lecture Series for Chinese Employees of Japanese Enterprises” was successfully held in the conference room on the 21_st Floor of Shanghai International Trade Center. The lecture, jointly held by Watson & Band and JETRO’s Shanghai Office, focused on “Data Security and Compliance” and was given by Watson & Band’s Partner, Ms. Rachel Zhang.

Ms. Zhang's lecture mainly covered the following three aspects: trends in data compliance regulation, what's brought by the Data Security Law, and hot issues in data compliance.

In the first session, Ms. Zhang first analyzed new trends in data compliance regulation and listed in detail the laws and regulations, guidance and national standards promulgated or issued by the relevant authorities. Then she proposed an outlook into data compliance regulation with a comprehensive thought on the international situation, the legislative developments and the hot issues. She held that the future regulation and governance would gradually expand to cover the entire mobility ecosystem, and the regulation capability and technology and the governance model would be further strengthened and developed; beside, the laws and regulations, the guidance and the national standards would be improved at an expedited pace, all of which would impose stricter requirements on the enterprises' data compliance work.

In the second session, Ms. Zhang analyzed the influences brought by the promulgation of the (Draft) Data Security Law in terms of the promulgation background, the scope of application, the national data security mechanisms and the obligations on the part of enterprises under the Data Security Law. Also, she shared opinions on the data classification and security level definition, the resolution mechanisms for network security emergency events and how could individual information depart the country border, and provided tips on the enterprises'obligations under the Data Security Law, e.g. enterprises should establish beginning-to-end data security management systems for their data-related activities and conduct risk evaluation on their activities at regular intervals.

In the last session, Ms. Zhang turned to eight typical issues in data compliance and shared her thoughts on them. In response to the questions of concerns by most attendees, she reminded them of the risks that should be noted during the data processing, e.g. the enterprises would face the risk of administrative fines for network security events if they should have completed the classified protection filing but failed to do so in effect.

After the lecture, Ms. Zhang also interacted with the attendees and answered questions that the enterprises were most concerned during their data processing and other operations.