The Cybersecurity Law of the People’s Republic of China was issued on November 7, 2016, and officially put into effect June 1, 2017. The Cyberspace Administration of China (CAC) has released supportive measures to implement provisions of the Cybersecurity Law. These Draft Measures provide guidelines for cross-border transfer of data, data security assessments, and the protection of data in relation to national and public interest.
In 2017, the CAC published Measures on Security Assessment of Cross-Border Transfer of Personal Information and Important Data. The draft received immense feedback, leading to a revised draft released in June 2019, Measures on Security Assessment of Cross-Border Transfer of Personal Information.
The revised Draft Measures will affect a wide range of domestic and foreign entities in China that have cross-border transfer needs.
The whole article you can find in the Computer Law Review International (CRi) 6/2019