Publish time: 2019-7-2
On the afternoon of May 8 2019, a symposium on “Cross-border Data Protection” jointly organized by the Beijing Arbitration Commission / Beijing International Arbitration Center (the “BAC”), the BakerHostetler LLP and the China In-house Counsel Management Research Center (the “CICMRC”) was successfully held at the BAC International Conference Hall. This event belongs to the BAC Forum for Selected Professionals series, and has attracted more than 80 professionals from scientific and technical enterprises, financial institutions, colleges and law firms.
The symposium was moderated by Dr. Chen Fuyong, Deputy Secretary General of the BAC. At the beginning of the symposium, Mr. Lin Zhiwei, Secretary General of the BAC, delivered an opening address. Mr. Lin thought that data protection is a cutting-edge issue, and closely related to the work and life of everyone. With the new features emerged in modern transactions, data protection has growing influences on both individuals and enterprises, and thus how personal data and privacy could be well protected becomes a significant and emergent issue of enterprises and lawyers. Meanwhile, Mr. Lin introduced the initial aim and development of the BAC Forum for Selected Professionals series, and looked forward to cooperation with more professionals of more areas of expertise, establishing a professional platform for legal practitioners for the sharing of knowledge and experience.
Dr. Chen Fuyong
Mr. Lin Zhiwei
Thereafter, Mr. Ye Xiaozhong, Co-director of the CICMRC, delivered a welcome speech. Mr. Ye said that with the internet development and especially the large-scale application of 5G, data will be launched into mass production in various industries on unprecedented scale and at unprecedented speed, and thus data will become the most important production pattern of modern enterprises. Next, when the extensive application of data offered great convenience to the society, it also will bring challenges to the operation rules of the society and enterprises. The collection, analysis and use of data will be unavoidable, and may bring systematic impact on the operation of the whole society in the absence of law rules and legal protection. Mr. Ye also stressed that under the background of economic globalization and the large-scale “going abroad” of Chinese enterprises, high attention should be paid to the cross-border flow of data, so as to develop the value of data to the maximum extent.
Mr. Ye Xiaozhong
In the session of keynote speech, Mr. Theodore Kobus, Partner and the leader of BakerHostetler’s Privacy and Data Protection Team gave a speech on “Data Breach Handling and Data Security Practice”. Mr. Theodore Kobus firstly clarified industries that often face data leakage including healthcare, finance, insurance, technology, film, television and entertainment industries, and then made detailed analysis of the five main reasons that may result in data leakage, including phishing, network intrusion, equipment/records’ being stolen or lost, negligence and system misconfiguration. From aspects of the types of data that are vulnerable to leakage, relevant liability subjects and accident handling process, Mr. Theodore Kobus provided suggestion concerning data protection and the handling of data leakage.
Mr. Theodore Kobus
Ms. Melinda McLellan, Partner and Co-leader of BakerHostetler’s EU General Data Protection Regulation (GDPR) Initiative, gave a speech on “US Privacy Law: Upcoming Changes Next Year”. Ms. Melinda McLellan firstly introduced the federal and states’ legislation system on privacy protection of the US, and made a detailed interpretation of the California Consumer Privacy Act that is to be implemented shortly and regarded as the most restrictive law on privacy of the US, including its scope of application, the extensive definitions of personal information and sales acts, privacy protection rights of consumers as to touching, requesting to delete and stopping the sales of privacy information, and some uncertainties that might emerge following the implementation of the act. At last, Ms. Melinda McLellan offered some suggestions concerning how enterprises should cope with the new act and improve their compliance.
Ms. Melinda McLellan
Ms. Zhao Xiaohua, Partner of BakerHostetler and Leader of China Practice, gave a speech on “Cross-border Data Transfer and the Major Differences between US and Chinese Data Security and Privacy Rules”. Ms. Zhao firstly summarized the differences between US and Chinese data security protection and privacy rules in their legislation models, and specifically stressed that different from the comprehensive legislation pattern of China, the legislation in the US consists of specialized acts in different industries. For example, industries of healthcare, finance and education have their exclusive data security protection act, respectively, and so Chinese enterprises engaged in trade in the US are specifically suggested to pay attention to those industrial and states’ statutory rules on data security and privacy protection. In addition, Ms. Zhao also presented an introduction of the differences between the US and Chinese practice of data protection and privacy rules by referring to the requirements of data localization and the understanding and application of the Cybersecurity Act.
Ms. Zhao Xiaohua
In the session of panel discussion, Ms. Zhao Xiaohua acted as the moderator, and had exchanges with Mr. Theodore Kobus, Ms. Melinda McLellan and Prof. Ding Xiaodong, Associate Dean of the RUC Law and Technology Institute. The panelists shared different perspectives and practical experience of China and the US in data protection. Prof. Ding also introduced the making of Chinese personal information and data security law and looked into its future implementation. He clarified the existing legislation mode of China on data protection and personal privacy protection, which adopts a legislation mode similar as the European mode, and shared his views on the specific implementation and enforcement of such laws on China. Moreover, Prof. Ding provided suggestions concerning enterprises’ data compliance, and stressed that enterprises are suggested to pay attention to formal compliance and legal risks, strengthen the communication with regulatory authorities, and establish data protection officers.
Prof. Ding Xiaodong
During the panel discussion, the panelists also had in-depth exchanges regarding the enforcement of data security protection law in China and the US, litigations that might be caused by the California Consumer Privacy Act, targeted advertisements and biological information privacy.
Group photo of the speakers
The BAC has been endeavored to promote the dissemination of professional knowledge including data protection and dispute resolution studies, and worked hard to build a platform for exchanges between domestic and foreign professionals. We sincerely welcome professionals from various industries to continue to pay attention to and participate in events organized by the BAC. You are also welcome to pay attention to the BAC’s website and WeChat account for more information.