# Data Compliance China

> Editorial translation and analysis of Chinese data-protection law, for overseas counsel and compliance teams. Primary sources translated carefully; editorial context on how the rules actually operate.

DCC is human-curated. Each brief summarizes a single piece of Chinese-language commentary, court ruling, regulatory bulletin, or official policy interpretation — with DCC framing for overseas counsel. Laws are translated from official Chinese with cross-references.

**For LLM ingestion:** every brief and every law has a `.md` companion URL with the raw markdown source (e.g. `/posts/<slug>.md`, `/laws/<slug>.md`). Full corpus dump at `/llms-full.txt`. Structured catalog at `/manifest.json`.

## Overview

- [Overview](https://datacompliancechina.com/overview/): 5-minute visual intro to China's data-compliance regime — foundation laws, regulators, the Subject × Object framework, cross-border paths.
- [About DCC](https://datacompliancechina.com/about/): editorial mission and audience.
- [Translation policy](https://datacompliancechina.com/translation-policy/): how DCC translates and summarizes.
- [Glossary](https://datacompliancechina.com/glossary/): bilingual ZH-EN terminology, 12 sections (JSON at `/glossary.json`).

## Laws and regulations

Index page: https://datacompliancechina.com/laws/ — 35 entries across handbooks, laws, administrative regulations, departmental rules, national standards, judicial interpretations, and drafts in consultation.

### Reference Handbook

- [China–Singapore Joint Data Compliance Guide: Practical Handbook — China Chapter (CN-SG Joint Guide)](https://datacompliancechina.com/laws/cs-joint-data-compliance-guide/)
  · ZH: 中国—新加坡联合数据合规指引：实务手册（中国篇）
  · Markdown: https://datacompliancechina.com/laws/cs-joint-data-compliance-guide.md
  · A 110-page bilingual practitioner handbook on Chinese data compliance, jointly compiled by the Shenzhen Data Exchange and Singapore's Asian Business Law Institute under the guidance of the Qianhai Authority.

### Law (NPC)

- [Personal Information Protection Law of the People's Republic of China (PIPL)](https://datacompliancechina.com/laws/pipl/)
  · ZH: 中华人民共和国个人信息保护法
  · Markdown: https://datacompliancechina.com/laws/pipl.md
  · PIPL is China's comprehensive personal-information protection regime.
- [Data Security Law of the People's Republic of China (DSL)](https://datacompliancechina.com/laws/dsl/)
  · ZH: 中华人民共和国数据安全法
  · Markdown: https://datacompliancechina.com/laws/dsl.md
  · The Data Security Law is the second of China's three foundational data statutes (alongside CSL and PIPL).
- [Cybersecurity Law of the People's Republic of China (2025 Amendment) (CSL)](https://datacompliancechina.com/laws/csl/) — amended
  · ZH: 中华人民共和国网络安全法（2025 修正）
  · Markdown: https://datacompliancechina.com/laws/csl.md
  · The Cybersecurity Law is the earliest of the three foundational data-protection statutes.
- [Civil Code — Personality Rights Book, Chapter on Privacy and Protection of Personal Information (Civil Code (PI Chapter))](https://datacompliancechina.com/laws/civil-code-personal-info/)
  · ZH: 中华人民共和国民法典 · 人格权编 · 隐私权和个人信息保护章
  · Markdown: https://datacompliancechina.com/laws/civil-code-personal-info.md
  · Articles 1032–1039 of the Civil Code's Personality Rights Book establish the civil-law foundation for privacy and personal-information protection in China.
- [Anti-Telecom and Online Fraud Law of the People's Republic of China (ATFL)](https://datacompliancechina.com/laws/anti-telecom-fraud-law/)
  · ZH: 中华人民共和国反电信网络诈骗法
  · Markdown: https://datacompliancechina.com/laws/anti-telecom-fraud-law.md

### Administrative Regulation (State Council)

- [Security Protection Regulations for Critical Information Infrastructure (CII Regulations)](https://datacompliancechina.com/laws/cii-protection-regulations/)
  · ZH: 关键信息基础设施安全保护条例
  · Markdown: https://datacompliancechina.com/laws/cii-protection-regulations.md
  · These Regulations operationalize the Critical Information Infrastructure (CII) regime under CSL Articles 31–39.
- [Opinions of the CPC Central Committee and the State Council on Building a Basic Data System to Better Play the Role of Data Elements (Data Twenty Opinions)](https://datacompliancechina.com/laws/data-foundation-system-opinions/)
  · ZH: 中共中央 国务院关于构建数据基础制度更好发挥数据要素作用的意见
  · Markdown: https://datacompliancechina.com/laws/data-foundation-system-opinions.md
  · The foundational 20-article policy directive jointly issued by the CPC Central Committee and the State Council laying out China's national data basic system: data property rights structural subdivision (holding right / processing right / op…
- [Regulation on Network Data Security Management](https://datacompliancechina.com/laws/network-data-security-regulations/)
  · ZH: 网络数据安全管理条例
  · Markdown: https://datacompliancechina.com/laws/network-data-security-regulations.md
  · The Network Data Security Management Regulation is the State Council's overarching implementing regulation for the three foundational data-protection statutes (CSL, DSL, PIPL).
- [Regulations on the Protection of Minors in Cyberspace](https://datacompliancechina.com/laws/minors-online-protection-regulations/)
  · ZH: 未成年人网络保护条例
  · Markdown: https://datacompliancechina.com/laws/minors-online-protection-regulations.md
  · Implementing regulation for the protection of minors under PIPL and CSL.
- [Regulations on the Sharing of Government Data](https://datacompliancechina.com/laws/government-data-sharing-regulations/)
  · ZH: 政务数据共享条例
  · Markdown: https://datacompliancechina.com/laws/government-data-sharing-regulations.md
  · The first comprehensive State Council regulation specifically governing the sharing of government data across agencies.
- [Administrative Measures for Internet Information Services (2024 Revision)](https://datacompliancechina.com/laws/internet-information-services-measures/)
  · ZH: 互联网信息服务管理办法（2024 修订）
  · Markdown: https://datacompliancechina.com/laws/internet-information-services-measures.md
  · The foundational regulation of Internet Information Services (ICP) in China — the regulatory baseline beneath nearly every later data-protection rule.
- [Administrative Regulation for Public Security Video Image Information Systems (PVISR)](https://datacompliancechina.com/laws/public-security-video-image-system-regulations/)
  · ZH: 公共安全视频图像信息系统管理条例
  · Markdown: https://datacompliancechina.com/laws/public-security-video-image-system-regulations.md
  · The State Council's overarching regulation for public security video image information systems (公共安全视频系统) in public places.

### Departmental Rule

- [Measures for the Security Assessment of Data Export](https://datacompliancechina.com/laws/data-export-security-assessment-measures/)
  · ZH: 数据出境安全评估办法
  · Markdown: https://datacompliancechina.com/laws/data-export-security-assessment-measures.md
  · The first of CAC's three cross-border transfer pathways.
- [Measures on the Standard Contract for the Outbound Transfer of Personal Information (SCC Measures)](https://datacompliancechina.com/laws/personal-info-standard-contract-measures/)
  · ZH: 个人信息出境标准合同办法
  · Markdown: https://datacompliancechina.com/laws/personal-info-standard-contract-measures.md
  · The second of CAC's three cross-border transfer pathways: signing a CAC-prescribed Standard Contract with the overseas recipient and filing it with the provincial CAC.
- [Provisions on Promoting and Regulating Cross-border Data Flows](https://datacompliancechina.com/laws/cross-border-data-flows-provisions/)
  · ZH: 促进和规范数据跨境流动规定
  · Markdown: https://datacompliancechina.com/laws/cross-border-data-flows-provisions.md
  · The 2024 Cross-border Data Flow Provisions are CAC's relaxation package on outbound data transfer.
- [Guide to the Filing of the Standard Contract for Outbound Transfer of Personal Information (First Edition)](https://datacompliancechina.com/laws/personal-info-standard-contract-filing-guide/)
  · ZH: 个人信息出境标准合同备案指南（第一版）
  · Markdown: https://datacompliancechina.com/laws/personal-info-standard-contract-filing-guide.md
  · CAC's procedural guide accompanying the SCC Measures.
- [Explanation of Common Terms in the Field of Data (First Batch) (Data Terms Batch 1)](https://datacompliancechina.com/laws/common-data-terms-batch-1/)
  · ZH: 数据领域常用名词解释（第一批）
  · Markdown: https://datacompliancechina.com/laws/common-data-terms-batch-1.md
  · The first installment of official terminology explanations issued by the National Data Administration.
- [Explanation of Common Terms in the Field of Data (Second Batch) (Data Terms Batch 2)](https://datacompliancechina.com/laws/common-data-terms-batch-2/)
  · ZH: 数据领域常用名词解释（第二批）
  · Markdown: https://datacompliancechina.com/laws/common-data-terms-batch-2.md
  · The second installment of official terminology explanations issued by the National Data Administration, continuing the consensus-building effort that began with the First Batch in December 2024.
- [Measures for the Certification of the Cross-border Provision of Personal Information](https://datacompliancechina.com/laws/cross-border-pi-certification-measures/)
  · ZH: 个人信息出境认证办法
  · Markdown: https://datacompliancechina.com/laws/cross-border-pi-certification-measures.md
  · The third of CAC's three cross-border transfer pathways — PI Protection Certification — finally given its own dedicated rules effective January 1, 2026.
- [Administrative Measures for Personal Information Protection Compliance Audits](https://datacompliancechina.com/laws/personal-info-audit-measures/)
  · ZH: 个人信息保护合规审计管理办法
  · Markdown: https://datacompliancechina.com/laws/personal-info-audit-measures.md
  · These Measures implement the compliance-audit obligation in PIPL Article 54.
- [Cybersecurity Review Measures](https://datacompliancechina.com/laws/cybersecurity-review-measures/)
  · ZH: 网络安全审查办法
  · Markdown: https://datacompliancechina.com/laws/cybersecurity-review-measures.md
  · The 2021 update to the cybersecurity review regime, expanded after the Didi enforcement action.
- [Interim Measures for the Management of Generative Artificial Intelligence Services](https://datacompliancechina.com/laws/genai-services-interim-measures/)
  · ZH: 生成式人工智能服务管理暂行办法
  · Markdown: https://datacompliancechina.com/laws/genai-services-interim-measures.md
  · China's flagship generative-AI regulation — the first comprehensive national regulation of GenAI services anywhere in the world.
- [Provisions on the Administration of Algorithmic Recommendation Services for Internet Information Services](https://datacompliancechina.com/laws/algorithmic-recommendation-provisions/)
  · ZH: 互联网信息服务算法推荐管理规定
  · Markdown: https://datacompliancechina.com/laws/algorithmic-recommendation-provisions.md
  · The first comprehensive Chinese regulation of recommendation algorithms.
- [Provisions on the Administration of Deep Synthesis of Internet Information Services](https://datacompliancechina.com/laws/deep-synthesis-provisions/)
  · ZH: 互联网信息服务深度合成管理规定
  · Markdown: https://datacompliancechina.com/laws/deep-synthesis-provisions.md
  · Regulates deepfakes and AI-driven content synthesis — the precursor to the GenAI Measures and the AI Content Labeling Measures.
- [Measures for the Labeling of AI-Generated and Composed Content](https://datacompliancechina.com/laws/ai-content-labeling-measures/)
  · ZH: 人工智能生成合成内容标识办法
  · Markdown: https://datacompliancechina.com/laws/ai-content-labeling-measures.md
  · The newest of China's AI rules — mandatory labeling for AI-generated and AI-composed content, including text, images, audio, video, and virtual scenes.
- [Interim Measures for the Management of AI Anthropomorphic Interaction Services](https://datacompliancechina.com/laws/ai-anthropomorphic-interaction-measures/)
  · ZH: 人工智能拟人化互动服务管理暂行办法
  · Markdown: https://datacompliancechina.com/laws/ai-anthropomorphic-interaction-measures.md
  · China's first regulation specifically targeting AI 'anthropomorphic interaction' — services where users converse with AI personas (virtual companions, chatbot relationships, character AI).
- [Measures for the Security Review of Foreign Investments (FISR Measures)](https://datacompliancechina.com/laws/foreign-investment-security-review-measures/)
  · ZH: 外商投资安全审查办法
  · Markdown: https://datacompliancechina.com/laws/foreign-investment-security-review-measures.md
  · The Foreign Investment Security Review (FISR) Measures govern review of foreign investment in China that affects or may affect national security.
- [Administrative Measures for the Application Security of Facial Recognition Technology (FRT Measures)](https://datacompliancechina.com/laws/facial-recognition-technology-application-measures/)
  · ZH: 人脸识别技术应用安全管理办法
  · Markdown: https://datacompliancechina.com/laws/facial-recognition-technology-application-measures.md
  · The dedicated CAC + MPS rule for facial-recognition technology applications, implementing PIPL Articles 26 and 28–32 and the Civil Code privacy chapter.
- [Interim Measures for the Registration and Administration of Public Data Resources](https://datacompliancechina.com/laws/public-data-registration-interim-measures/)
  · ZH: 公共数据资源登记管理暂行办法
  · Markdown: https://datacompliancechina.com/laws/public-data-registration-interim-measures.md
  · The Interim Measures establish a nationally unified registration system for public data resources — data collections produced by Party and government organs and public institutions in the course of performing statutory duties or providing p…
- [Implementation Specifications for Authorized Operation of Public Data Resources (Trial)](https://datacompliancechina.com/laws/public-data-authorized-operation-specifications/)
  · ZH: 公共数据资源授权运营实施规范（试行）
  · Markdown: https://datacompliancechina.com/laws/public-data-authorized-operation-specifications.md
  · Companion rule to the Public Data Registration Interim Measures (also NDRC + NDA, January 2025).

### National Standard

- [GB/T 44297—2024 Data Items of Video and Image Information for Public Security (GB/T 44297—2024)](https://datacompliancechina.com/laws/gbt-44297-public-security-video-data-items/)
  · ZH: GB/T 44297—2024 公共安全视频图像信息数据项
  · Markdown: https://datacompliancechina.com/laws/gbt-44297-public-security-video-data-items.md
  · GB/T 44297—2024 is the national recommended standard that specifies the data items used in public-security video image information systems — the underlying field-level schema that camera systems, video platforms, and analysis tools use to d…
- [Cybersecurity Standards Practice Guide — Sensitive Personal Information Identification Guide (v1.0, September 2024) (TC260 Sensitive PI Guide)](https://datacompliancechina.com/laws/tc260-sensitive-pi-identification-guide/)
  · ZH: 网络安全标准实践指南 — 敏感个人信息识别指南 (v1.0-202409)
  · Markdown: https://datacompliancechina.com/laws/tc260-sensitive-pi-identification-guide.md
  · TC260's September 2024 practice guide for identifying sensitive personal information under PIPL Article 28.

### Judicial Interpretation

- [Provisions of the Supreme People's Court on Several Issues Concerning the Application of Law in the Trial of Civil Cases Involving the Use of Facial Recognition Technology to Process Personal Information (FRT Judicial Interpretation)](https://datacompliancechina.com/laws/facial-recognition-judicial-interpretation/)
  · ZH: 最高人民法院关于审理使用人脸识别技术处理个人信息相关民事案件适用法律若干问题的规定
  · Markdown: https://datacompliancechina.com/laws/facial-recognition-judicial-interpretation.md
  · The Supreme People's Court's interpretation of how civil courts should apply law in cases involving facial recognition.

### Draft for Consultation

- [Data Property Rights Registration Work Guide (Trial) — Draft for Public Consultation](https://datacompliancechina.com/laws/data-property-rights-registration-guide-draft/) — draft
  · ZH: 数据产权登记工作指引（试行）（公开征求意见稿）
  · Markdown: https://datacompliancechina.com/laws/data-property-rights-registration-guide-draft.md
  · NDA's first comprehensive draft framework for the registration of Data Property Rights — the rights to hold, use, and operate data established under the Data 20 Articles policy.

## Featured briefings

DCC briefings translate and frame Chinese-language commentary, regulatory bulletins, and policy interpretations for overseas counsel.

- [Datatang v. Yinmu — China's First Ruling on a Data-IP Registration Certificate, and Why Open-Sourced Data Is Still Protected](https://datacompliancechina.com/posts/datatang-v-yinmu-data-ip-registration-case/) — 2026-05-29
  · Markdown: https://datacompliancechina.com/posts/datatang-v-yinmu-data-ip-registration-case.md
  · A consolidated case study of 数据堂诉隐木科技 (Datatang v.
- [Reviving a Zombie Provision — Xu Ke's Concentric-Circle Reconstruction of the Anonymization Regime](https://datacompliancechina.com/posts/xu-ke-anonymization-zombie-provision/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/xu-ke-anonymization-zombie-provision.md
  · Xu Ke (UIBE) calls PIPL Article 4's anonymization carve-out a 'zombie provision' (僵尸法条) — on the books, never used, and one of the biggest blockages in the data-element market.
- [From 'Cannot Be Restored' to 'Difficult to Restore' — TRIMPS on Whether Anonymization Is Absolute, and Whether It's Recipient-Relative](https://datacompliancechina.com/posts/yao-qian-pi-anonymization-relativity/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/yao-qian-pi-anonymization-relativity.md
  · The Third Research Institute of the Ministry of Public Security (TRIMPS) — the body behind China's classified-protection regime and national eID platform — takes on the two questions that determine whether anonymization actually gets data o…
- [Zhu Xiaofeng — Who Pays When GenAI Causation Is Unclear? Applying Civil Code Article 1254 by Analogy](https://datacompliancechina.com/posts/zhu-xiaofeng-genai-pi-causation-unclear-liability/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/zhu-xiaofeng-genai-pi-causation-unclear-liability.md
  · Zhu Xiaofeng (Central University of Finance and Economics Law School) takes on the GenAI causation black hole — when a personal-information harm clearly arises from a GenAI service but specific causation among model designer, model provider…
- [Tang Linyao — Data-Broker Derivative Harms and the 'Data Integration Analysis Framework'](https://datacompliancechina.com/posts/tang-linyao-data-broker-derivative-harms/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/tang-linyao-data-broker-derivative-harms.md
  · Tang Linyao (Chinese Academy of Social Sciences) maps the regulatory gap for data-broker derivative harms — the harms that arise not from direct PI leakage but from the integration and aggregation activity that data brokers themselves perfo…
- [Wang Nian — Data Source's Rights as a 'Fair Use' Right Alongside the Three Rights](https://datacompliancechina.com/posts/wang-nian-data-source-rights-as-fair-use/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/wang-nian-data-source-rights-as-fair-use.md
  · Wang Nian (Tsinghua Law) takes on the unresolved fourth-right question in the Data 20 Articles framework: what is the data source's right (数据来源者权), and how does it relate to the three rights (hold/use/operate)? Drawing on the 'data symbiosi…
- [Seven Lessons for Data Compliance Teams from the SAMR 'Ghost Takeout' Series — 3.5 Billion Yuan, 9-Month Suspensions, and the Per-Merchant Aggregation Doctrine](https://datacompliancechina.com/posts/samr-ghost-takeout-data-compliance-lessons/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/samr-ghost-takeout-data-compliance-lessons.md
  · In April 2026, the State Administration for Market Regulation (SAMR) imposed administrative penalties on seven major e-commerce platforms in the 'ghost takeout' series — 3.5 billion yuan in aggregate corporate fines, nearly 20 million yuan…
- [Mapping the AI Agent Risk Surface — A Ten-Category Taxonomy Under China's New 智能体新规](https://datacompliancechina.com/posts/ai-agent-rules-risk-taxonomy/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/ai-agent-rules-risk-taxonomy.md
  · China's Cyberspace Administration jointly issued the Implementation Opinions on Standardized Application and Innovation Development of AI Agents (the '智能体新规' or 'Agent Rules') on May 8, 2026 — the first dedicated regulatory document on AI a…
- [Operationalizing AI Agent Governance — A Ten-Step Internal Control Framework](https://datacompliancechina.com/posts/ai-agent-rules-governance-framework/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/ai-agent-rules-governance-framework.md
  · Part 2 of DCC's brief on the Chinese Agent Rules (《智能体规范应用与创新发展实施意见》, May 2026).
- [Open-Source Does Not Mean Open Data — Zhang Ping on Training-Data Compliance for Open-Source AI](https://datacompliancechina.com/posts/open-source-ai-training-data-compliance/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/open-source-ai-training-data-compliance.md
  · Peking University Law School professor Zhang Ping, writing in 人民论坛 (People's Tribune), takes apart two misconceptions that have dominated the Chinese open-source AI discussion: that 'open source' means training data has no copyright protect…
- [MIIT Public-Naming Bulletin 2026 Batch 3 (Total Batch 56): 31 Apps and SDKs Cited for PI Violations and Window-Redirect Abuse](https://datacompliancechina.com/posts/miit-2026-batch-3-31-app-public-naming/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/miit-2026-batch-3-31-app-public-naming.md
  · MIIT's Information & Communications Administration Bureau published its 2026 Batch 3 public-naming bulletin (total Batch 56) on May 21, 2026, citing 31 apps and SDKs for violations of personal-information collection rules and window-redirec…
- [NDA Explains the Three-Rights Framework — A Plain-Language Walk-Through from the Regulator Itself](https://datacompliancechina.com/posts/nda-three-rights-structural-separation/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/nda-three-rights-structural-separation.md
  · The National Data Administration's official 政策解读 (policy interpretation) on the three-rights framework — the right to hold, the right to use, and the right to operate data — established by the Data 20 Articles.

## Recent briefings

Full index at https://datacompliancechina.com/posts/ — 36 entries.

- [Datatang v. Yinmu — China's First Ruling on a Data-IP Registration Certificate, and Why Open-Sourced Data Is Still Protected](https://datacompliancechina.com/posts/datatang-v-yinmu-data-ip-registration-case/) — 2026-05-29
  · Markdown: https://datacompliancechina.com/posts/datatang-v-yinmu-data-ip-registration-case.md
- [Reviving a Zombie Provision — Xu Ke's Concentric-Circle Reconstruction of the Anonymization Regime](https://datacompliancechina.com/posts/xu-ke-anonymization-zombie-provision/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/xu-ke-anonymization-zombie-provision.md
- [The 'Rights Block' — Xu Ke's Structural Theory Behind China's Data-Property Framework](https://datacompliancechina.com/posts/xu-ke-data-rights-block-structure/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/xu-ke-data-rights-block-structure.md
- [When Does Data Become an Asset? Xu Ke on Identifying and Defining Data Assets](https://datacompliancechina.com/posts/xu-ke-data-asset-identification/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/xu-ke-data-asset-identification.md
- [From 'Cannot Be Restored' to 'Difficult to Restore' — TRIMPS on Whether Anonymization Is Absolute, and Whether It's Recipient-Relative](https://datacompliancechina.com/posts/yao-qian-pi-anonymization-relativity/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/yao-qian-pi-anonymization-relativity.md
- [Zhu Xiaofeng — Who Pays When GenAI Causation Is Unclear? Applying Civil Code Article 1254 by Analogy](https://datacompliancechina.com/posts/zhu-xiaofeng-genai-pi-causation-unclear-liability/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/zhu-xiaofeng-genai-pi-causation-unclear-liability.md
- [Ai Lin — Why Platform Gig Workers Need PI-Protection Tilt and How to Build It](https://datacompliancechina.com/posts/ai-lin-platform-gig-worker-pi-protection/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/ai-lin-platform-gig-worker-pi-protection.md
- [Tang Linyao — Data-Broker Derivative Harms and the 'Data Integration Analysis Framework'](https://datacompliancechina.com/posts/tang-linyao-data-broker-derivative-harms/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/tang-linyao-data-broker-derivative-harms.md
- [Wang Nian — Data Source's Rights as a 'Fair Use' Right Alongside the Three Rights](https://datacompliancechina.com/posts/wang-nian-data-source-rights-as-fair-use/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/wang-nian-data-source-rights-as-fair-use.md
- [Seven Lessons for Data Compliance Teams from the SAMR 'Ghost Takeout' Series — 3.5 Billion Yuan, 9-Month Suspensions, and the Per-Merchant Aggregation Doctrine](https://datacompliancechina.com/posts/samr-ghost-takeout-data-compliance-lessons/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/samr-ghost-takeout-data-compliance-lessons.md
- [Mapping the AI Agent Risk Surface — A Ten-Category Taxonomy Under China's New 智能体新规](https://datacompliancechina.com/posts/ai-agent-rules-risk-taxonomy/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/ai-agent-rules-risk-taxonomy.md
- [Operationalizing AI Agent Governance — A Ten-Step Internal Control Framework](https://datacompliancechina.com/posts/ai-agent-rules-governance-framework/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/ai-agent-rules-governance-framework.md
- [Open-Source Does Not Mean Open Data — Zhang Ping on Training-Data Compliance for Open-Source AI](https://datacompliancechina.com/posts/open-source-ai-training-data-compliance/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/open-source-ai-training-data-compliance.md
- [MIIT Public-Naming Bulletin 2026 Batch 3 (Total Batch 56): 31 Apps and SDKs Cited for PI Violations and Window-Redirect Abuse](https://datacompliancechina.com/posts/miit-2026-batch-3-31-app-public-naming/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/miit-2026-batch-3-31-app-public-naming.md
- [NDA Explains the Three-Rights Framework — A Plain-Language Walk-Through from the Regulator Itself](https://datacompliancechina.com/posts/nda-three-rights-structural-separation/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/nda-three-rights-structural-separation.md
- [Who Is the 'Data Processor' Under the Three-Rights Framework — NDA's Farm-Equipment Hypothetical](https://datacompliancechina.com/posts/nda-data-processor-property-rights-allocation/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/nda-data-processor-property-rights-allocation.md
- [Cloud, BPO, and Other Entrusted-Processing Arrangements: Why the Processor Doesn't Get the Rights](https://datacompliancechina.com/posts/nda-entrusted-data-processing-property-rights/) — 2026-05-28
  · Markdown: https://datacompliancechina.com/posts/nda-entrusted-data-processing-property-rights.md
- ['Important Data' Is a Category, Not a Tier](https://datacompliancechina.com/posts/important-data-category-not-tier/) — 2026-05-04
  · Markdown: https://datacompliancechina.com/posts/important-data-category-not-tier.md
- [Why China Used Foreign Investment Security Review on Manus — Not Tech or Data Export](https://datacompliancechina.com/posts/manus-foreign-investment-security-review/) — 2026-04-28
  · Markdown: https://datacompliancechina.com/posts/manus-foreign-investment-security-review.md
- [Cold Water on 'Token Trading' — Wang Qinglan on the NDA's High-Quality Data Set Initiative](https://datacompliancechina.com/posts/qinglan-token-trading-cold-water/) — 2026-04-24
  · Markdown: https://datacompliancechina.com/posts/qinglan-token-trading-cold-water.md

## Enforcement tracker

- [Enforcement tracker](https://datacompliancechina.com/enforcement/): chronicle of public enforcement actions by MIIT, CAC, MPS, SAMR, and sector regulators.

## Optional

- [RSS feed](https://datacompliancechina.com/rss.xml): structured feed of all briefings.
- [Sitemap](https://datacompliancechina.com/sitemap-index.xml): full URL inventory.
- [Manifest](https://datacompliancechina.com/manifest.json): JSON catalog of all briefs, laws, and glossary entries with metadata and markdown URLs.
- [Subscribe](https://datacompliancechina.com/): weekly Monday digest of new briefings (Resend).