Baker McKenzie FenXun‘s longstanding, dedicated privacy practice excels in privacy policies, data storage, retention and destruction, privacy complaints and investigations, along with disputes, data access requests, and transfer and disclosure agreements; and the team routinely conducts multi-jurisdictional reviews of the collection, use and transfer of data. Clients also benefit from the department’s expertise in the interplay of privacy requirements with labour and employment laws, consumer protection legislation and other local laws. The practice co-heads are Shanghai-based TMT group leader Zhenyu Ruan, whose track record includes complex matters involving companies’ data protection and cybersecurity law issues; Paolo Sbuttoni in Hong Kong, who advises on privacy/data protection, IT contracts/outsourcing, e-commerce, and telecoms/internet regulatory issues; and Lex Kuo, an expert in the TMT (including entertainment) and sports sectors, with a particular focus on Greater China.
Data protection: foreign firms in China
Baker McKenzie FenXun
‘The team is extremely responsive and diligent, and provides top-notch client service.‘
‘Zhenyu Ruan is responsive and diligent in providing commercially workable solutions amidst a complex environment of data laws in China.‘
- Advised Mastercard on China data privacy and cybersecurity law issues, in relation to the bankcard clearing and settlement business of its joint venture with NetsUnion Clearing Corporation.
With a longstanding presence in China, CMS‘ data protection and cybersecurity practice is able to leverage its substantial exposure to TMT sector-related risks and challenges. The full-service office in Shanghai is headed by Ulrike Glueck, who leads the corporate/M&A practice team, as well as the TMT sector group; and the firm’s sector-focused hub in Beijing is headed by Nick Beckett, who is also the global co-head of the life sciences and healthcare sector group. The hub is further strengthened by the firm’s Technology and Innovation Centre, which was designed to provide specific scientific and technical assistance on patent analysis, and freedom to operate and validity searches. Beijing-based senior associate Amanda Ge is a TMC regulatory specialist whose experience includes advising on data protection and cybersecurity-related compliance strategies. Shanghai-based Panpan Tang's practice covers IP, IT, TMT, e-commerce and data protection issues.
Leveraging its global data protection practice, Bird & Bird‘s Hong Kong-based practices houses dedicated privacy and data protection specialists, who act for high-profile clients that frequently collect and transfer large quantities of sensitive data. Representative work includes assisting with the development of international policies, handling security breaches, auditing data protection compliance, and advising on international transfer mechanisms (including cross-border data transfer agreements and security/privacy impact assessments). With approximately 20 years’ experience in advising on a range of data protection and privacy-related issues, counsel Clarice Yue is head of data protection for both mainland China and Hong Kong; and in recent years, Yue has been involved in projects involving cloud service, big data, fintech, adtech and the internet of things. At the partner level, corporate and commercial law expert Michelle Chan is also experienced in data protection issues.
Morrison & Foerster LLP’s privacy and data security practice advises on evolving privacy laws and regulations, as well as incident preparedness, response and litigation. The practice also handles data breach matters and is at the forefront of developing a number of technological tools for project management and exploring new technologies that result in cost savings. The principal figures are Beijing’s Paul McKenzie and Shanghai-based Chuan Sun, who both assist with data privacy and data security matters. Xuezi Dan and Tian Zhou are the associates to note.
Simmons & Simmons
Simmons & Simmons‘ China TMT team assists a sizeable number of Chinese and overseas clients with their global data compliance issues, including data compliance audit, gap analysis, remediation, data management and monetisation matters. Its range of clients comprises hardware/technology providers, cybersecurity service/technology businesses, digital services providers, fintech and virtual banks, traditional financial institutions, and healthcare and life sciences companies. Well known for her data protection expertise, Jingyuan Shi divides her time between the firm’s Shenzhen and Hong Kong offices.
‘Simmons is one of the few law firms in China that started to help Chinese enterprises solve the data compliance risks faced by overseas enterprises at the earliest, and provides overall data compliance system construction service.’
‘ Jingyuan Shi is able to provide high-quality legal services. The team is responsive and able to provide suggestions that meet the actual business needs. They treat people sincerely, consider problems from the client’s point of view, and avoid unnecessary costs.’