"China’s tough cybersecurity law to come into force this week", 30 May 2017

China…will adopt from Thursday a controversial law that mandates strict data surveillance and storage for firms working in the country…The law, passed in November by the country's largely rubber-stamp parliament, bans online service providers from collecting and selling users' personal information, and gives users the right to have their information deleted, in cases of abuse. "Those who violate the provisions and infringe on personal information will face hefty fines," the news agency said on Monday, without elaborating.

Reuters reported this month that overseas business groups were pushing Chinese regulators to delay implementation of the law, saying the rules would severely hurt activities. Until now, China's data industry has had no overarching data protection framework, being governed instead by loosely defined laws.

However, overseas critics say the new law threatens to shut foreign technology companies out of sectors the country deems "critical", and includes contentious requirements for security reviews and data stored on servers in China.