CWR > Volume 8(2); 2022 > Article
Research Article
Published online: September 1, 2022

Genesis of Data Security Mechanism in China: The Next Step to Data Nationalism

Ella Gorian
Vladivostok State University School of Law
41, Gogol Str., Vladivostok, 690014, Russian Federation.
Corresponding Author:

ⓒ Copyright YIJUN Institute of International Law. This is an Open Access article distributed under the terms of the Creative Commons Attribution Non-Commercial License ( which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.


The study aims to analyse data security in the financial and banking sector of China. The data laws provide a ‘consent-oriented’ approach where consent, along with a limited list of exceptions, is the legal basis for the processing of personal information. The personal data protection mechanism comprised the Data Security Law, the Cybersecurity Law, and the Personal Information Protection Law. Taken together, they cover all areas of information security and establish a severe data protection regime: they determine the scope of regulation, objects and subjects, responsibility, and institutional control mechanisms. For an accurate assessment, it is necessary to wait for the adoption of by-laws that specify the provisions of these laws. The financial and banking sector already has several by-laws in place that set stringent standards for the security of personal information. The leading role in this mechanism is taken by the financial regulator - the People’s Bank of China.

Keywords : Personal Data, Cross-Border Data Transfer, Financial Regulator, Data Security, Big Data, Personal Data Operator

View the Full Text