Cybersecurity Law: Stricter rules on big data

The second draft leaves certain aspects vague, targets business information and requires national security reviews. Lawyers advise MNCs to have risk management protocols for cross-border data transfers