The enactment of China's Cybersecurity Law, Data Security Law, and Personal Information Protection Law has significantly reshaped the landscape of data security and personal privacy for China, not just within its own borders but also in the context of cross-border data transfers. All these three laws cover broad categories of information and contain various ambiguities open to interpretation. Absent formal guidance from Chinese authorities and coupled with Chinese courts' general reluctance to order production of data in foreign judicial proceedings, the responsibility to navigate these murky waters squarely rests with US courts as they continue to grapple with discovery issues involving Chinese entities and individuals. Drawn from case law, this article provides practice guidance to US litigants pursuing discovery from Chinese counterparts, as well as to Chinese entities and individuals who are subject to discovery requests in US federal litigation.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
