China: Measures for the standard contract for outbound transfer of personal information – part one

Managing IP is part of Legal Benchmarking Limited, 4 Bouverie Street, London, EC4Y 8AX

Copyright © Legal Benchmarking Limited and its affiliated companies 2025

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

Cookies Settings
Expert Analysis
Local Insights

China: Measures for the standard contract for outbound transfer of personal information – part one

Sponsored by

Tahota logo.JPG
Charles Feng
Lian XueYifan Lu
May 09 2023
social-media-1635577 (1).jpg

In the first of a two-part series, Charles Feng, Lian Xue and Yifan Lu of Tahota outline the key features of China’s new measures for the cross-border sharing of personal information

On February 24 2023, the Cyberspace Administration of China (CAC) published the Measures for the Standard Contract for Outbound Transfer of Personal Information (the Measures). It also published its annexes of Standard Contract for Outbound Transfer of Personal Information (Standard Contract), which will be implemented from June 1 2023. The Measures were issued after the issuance of the Security Assessment Measures for Outbound Data Transfers in September 2022. The Measures, along with a security assessment and personal information protection certification, will be one of the three major approaches for the outbound transfer of personal information.

In comparison to the other two routes, the Standard Contract for personal information is widely regarded as having certain advantages. These include lower costs and an easier operation, with high reference and application value for enterprises with cross-border personal information transfers. In conjunction with the new Measures and the Standard Contract, there are the following key points that enterprises need to focus on in their compliance work for cross-border personal information transfer.

Salient features of the Standard Contract

Strict format contract

In comparison to previous drafts of the Measures and Standard Contract for public comments, the official version of the Standard Contract further restricted the autonomy of will. The domestic personal information processor and the overseas recipient must sign and perform in strict accordance with the terms provided by the CAC. In addition, only the CAC is authorised to amend and modify the Standard Contract. The Standard Contract of the Measures is complete and specific, covering various aspects including:

  • Basic information;

  • Obligations of personal information processors and overseas recipients;

  • Rights and obligations of subjects of personal information;

  • The relationship between laws and regulations of the receiving place and the performance of the Standard Contract; and

  • Remedies and liabilities for breach of contract.

In addition, the Measures clearly stipulate that enterprises must not make additional agreements or any other forms of documents that conflict with the terms of the Standard Contract.

Recordation of the Standard Contract

According to the Measures, personal information processors are required to file a recordal of the Standard Contract with their local cyberspace administration within 10 working days from the effective date of the Standard Contract. Compared to the security assessment, the application of the Standard Contract is ampler in terms of preparation time and simpler in terms of administrative procedures. For enterprises that meet the requirements of the Standard Contract, such a path is undoubtedly more convenient and flexible, which is an advantage.

Protection of rights of the owner of personal information

The Standard Contract embodies the rights and obligations of three parties, namely: the domestic personal information processor, the overseas recipient and the owner of personal information. The establishment of the Standard Contract between the domestic personal information processor and the overseas recipient as the contracting parties will have a direct impact on the rights of the owner of personal information. The Standard Contract provides the owner of personal information as:

  • A beneficiary, and

  • Authorised to sue the personal information processor and the overseas recipient directly.

The Standard Contract also facilitates litigation and remedies for the owner of personal information through joint and several liability clauses if infringement occurs.

Tahota would like to thank Jing-mei Luo for their contribution to the article.

Topics

ChinaTahota Law Firm
Charles Feng B&W.jpg
Charles Feng
Senior partner Tahota Law Firm
Contact
Mr. Feng is a reputable intellectual property (IP) and data law expert with substantial experience in IP law, data protection law, and antitrust law with reputable international and Chinese law firms. He focuses on IP litigation, trademark enforcement, and patent portfolio management, as well as cyber law-related matters.

Mr. Feng has represented numerous foreign clients from the US, the EU, and Japan at various levels of courts, as well as administrative organs in China. He is particularly experienced in addressing clients' commercial needs in the areas of IP litigation, arbitration, and prosecution, including patents, copyrights, trademarks, domain names, unfair competition, and trade secrets.

In addition to his work in the courtrooms, he has been involved in IP transactional work, including the drafting, negotiation, and enforcement of IP assignment or licensing agreements. Mr. Feng and his team have also represented multinationals in dealing with their legal matters in relation to cybersecurity, privacy, and data protection.
LX
Lian Xue
Tahota Law Firm
YL
Yifan Lu
Tahota Law Firm
more from across site and SHARED ros bottom lb

More from across our site

Patents
Europe viewed from space at night with city lights in European Union member states, global EU business and finance, satellite communication technology, 3D render of planet Earth, world map from NASA
State of the market: The steady performers of Europe’s IP industry
A comparison of the 2024 and 2025 editions of the Managing IP EMEA Awards reveals the firms and companies that have been dominating Europe’s IP market year after year
Sukanya Sarkar, May 21 2025
Trademarks
TuesdayINTA.jpg
Tuesday at INTA: BD tips for lawyers | Tackling SEPs
Tuesday's coverage includes BD tips for aspiring partners, and a foray into the world of SEPs
Rani Mehta, May 21 2025
What Corporates Want
Copy of What Corporates Want 2025 (1).png
US IP counsel left wanting on value for money
Exclusive data reveals law firms are failing to go above and beyond for their corporate clients, with in-house counsel saying advisers should consider more transparent billing processes
Max Walters, May 20 2025
Patents
Photo merge template.png
Behind the case: How Osborne Clarke and EIP broke new ground at the CoA
Arty Rajendra and Gary Moss discuss why ‘thorough and intense’ preparation, plus the odd glass of wine, led to a record FRAND victory for their client
Max Walters, May 20 2025
Trademarks
INTA.jpg
Monday at INTA: ‘Game-changing’ TM developments in China | Agentic AI
Monday’s coverage includes news of a potentially 'game-changing' trademark development in China and how practitioners are using AI
Rani Mehta, May 19 2025
Trademarks
TMrankings.png
IP STARS trademark rankings to be revealed
Managing IP gives a taster of the numbers behind this year’s IP STARS trademark rankings, and looks back at our 2025 award winners
May 19 2025
Trademarks
INTACeremonies.jpg
Sunday at INTA: Law firms must develop 'industry expertise' | IP office updates
Updates from IP offices, the shifting requirements of in-house counsel, and news of London 2026 were among major talking points on Sunday
Max Walters, May 19 2025
Trademarks
MIP Podcast newsletter header banner sample-2000.jpg
The IP Lounge: INTA CEO on IP ‘positivity’ and London 2026
Etienne Sanz de Acedo discusses the association’s three-year plan, what he is looking forward to in San Diego, and why London came calling for 2026
Max Walters, May 19 2025
Trademarks
donation money for a good cause
Helping others with an IP hook: Brand Action sponsors on 'making a difference'
Professionals from three organisations reveal what led them to sponsor Brand Action and why doing so can build camaraderie
Rani Mehta, May 18 2025
Patents
AdobeStock_444563933_Editorial_Use_Only.jpg
This week on MIP: 10x Genomics and NanoString settle | UPC sides with Amgen
The results of a UK government consultation on the exhaustion of IP rights and an annual review published by the EPO’s Boards of Appeal were also among the top talking points this week
Sukanya Sarkar, May 16 2025
Gift this article