Show all guides
China
Other

China enacts new rules for personal information audits

Last update:
May 20, 2025

The Cyberspace Administration of China’s (CAC) new Measures for Personal Information Protection Compliance Audits were finalized in February and took effect this month. These measures, together with additional regulations, form China’s compliance audit system, which is mandatory under the Personal Information Protection Law (PIPL). 

Audits may be self-initiated or regulator-mandated, as processors managing personal information of more than 10 million individuals are required to conduct an audit every two years. If a security incident occurs or the regulator suspects a high risk to user data, the company may need to conduct the audit through a professional agency. 

The full guidelines can be found
here

Related Guides

President Biden Releases Executive Order on AI

October 30, 2023

The US releases its first major reaction to the surge in AI, with guidelines on the usage and development of AI
North America
Other

Amazon Loses Court Appeal Over €746M GDPR Fine

March 19, 2025

In March 2025, a Luxembourg court upheld a €746M GDPR fine against Amazon for unlawfully processing user data for targeted ads. The ruling reinforces the importance of valid consent and privacy rights under EU law.
Europe
Other
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only