China is developing a robust commercial privacy and cybersecurity framework. A cybersecurity law took effect in 2017, multiple agencies are issuing guidelines, and a new e-commerce law with privacy and cybersecurity provisions just entered into force on January 1, 2019.  Further privacy legislation is being drafted, as China may be looking to develop a companion to the comprehensive privacy law of Europe. (Meanwhile, the US has no comprehensive privacy or cybersecurity law; Congress will debate the issue this year, but the outcome is quite uncertain.)

This raises a number of provocative question: In terms of the relationship between consumers and corporations, is China becoming more privacy-protective than the US? How should we understand the overall privacy and cybersecurity trends in China? How well does China’s overall legal environment support the implementation of the new and proposed laws?

To try to answer some of these questions, the Berkeley Center for Law & Technology is organizing a one-day conference in San Francisco on March 1.  The agenda is here; registration is here.

Much of the focus will be comparative, with an emphasis on interoperability and cross-border compliance: Given the rapid developments in privacy and cybersecurity law in China and Europe, how can innovative companies that want to offer their goods and services worldwide comply? Topics will include the definition of reasonable cybersecurity standards under the laws of China, the EU and the US; corporate data governance strategies in the face of overlapping requirements; and enforcement.

The event is co-sponsored by Peking University, The EastWest Institute, The United States Information Technology Office (USITO), The Asia Society, JD.com, and New America.