Skip to content
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
§ RESOURCES

Data-export negative lists.

Every FTZ and province-level data-export negative list published to date, in one registry — with each list's scope, scale, management model, and official source.

Article 6 of the 2024 Provisions on Promoting and Regulating Cross-border Data Flows lets Free Trade Zones publish their own data-export negative lists. The logic is 非禁即准 — “not prohibited means permitted”: data that falls on a list needs the standard CAC pathway (security assessment, standard contract, or certification); data that falls off the list flows across the border freely. Each list therefore doubles as a public, sector-specific catalogue of what its issuer treats as regulated outbound data.

As of July 2026, 10 regions have published lists spanning roughly 35+ distinct sectors. Two management models have emerged: pre-export filing (apply to the FTZ administrator before transferring — Tianjin, Beijing, Zhejiang, Fujian, and others) and post-export reporting (transfer first, report to the local cross-border data service centre after — Shanghai, Guangdong). Each entry links to its official source; downloadable originals appear once added.

§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.