China Data Cross-border Flow Provisions Overview

Independent editorial reference. This page is based on official Chinese source links for general informational purposes only. It is not legal advice, and the official Chinese text prevails.

Key Takeaways

The 2024 Data Flow Provisions were issued as CAC Order No. 16 and took effect on 2024-03-22.
They should be read with the security assessment and standard contract measures rather than in isolation.
This overview does not make broad exemption claims or decide whether a specific activity falls within the provisions.

The Provisions on Promoting and Regulating Cross-border Data Flows are a 2024 CAC document that forms part of China’s cross-border data flow framework. They are important because they interact with earlier rules on security assessment, standard contracts, certification, and cross-border data transfer management. This page provides a source-tracked overview and avoids company-specific conclusions.

The provisions are often read as a major 2024 update because they sit after the Security Assessment Measures and Standard Contract Measures. That timing matters, but it does not make the provisions a shortcut. Readers still need to compare the official text with the PIPL, earlier CAC measures, and the facts of the activity.

This page explains why the provisions matter, how they relate to earlier mechanisms, and what should not be assumed from them. It does not decide whether an activity is covered by an adjusted scenario or whether any particular filing, assessment, or certification route applies.

What This Page Covers

What the 2024 Data Flow Provisions are.
Their relationship to earlier CAC measures.
Why they matter for cross-border data transfer research.
Why they should not be read as a universal route-selection shortcut.

Research Inputs to Collect

Before relying on the 2024 provisions in research, collect:

the transfer scenario, data category, data volume or scale facts, and business purpose;
whether the activity involves personal information, important data, network data, or mixed datasets;
whether a security assessment, standard contract filing, certification review, or prior regulator interaction already exists;
the processor role, overseas recipient, storage/access arrangement, and transfer frequency;
whether sectoral, regional, or local pilot rules may also be relevant;
which earlier CAC measure would have been considered before reading the 2024 provisions.

These facts are needed because the provisions interact with earlier rules. They do not create an automatic answer.

What This Page Can and Cannot Do

This page can explain why CAC Order No. 16 matters in current source-tracked research and how it relates to earlier cross-border data transfer rules.

This page cannot decide whether a particular activity falls within an official adjustment, whether a filing is required, or whether other rules continue to apply.

Official Source Basis

Official document	Chinese title	Authority	Date	Official source
2024 Data Flow Provisions	促进和规范数据跨境流动规定	CAC, Order No. 16	Published and effective 2024-03-22	https://www.cac.gov.cn/2024-03/22/c_1712776611775634.htm
Security Assessment Measures	数据出境安全评估办法	CAC, Order No. 11	Effective 2022-09-01	https://www.cac.gov.cn/2022-07/07/c_1658811536396503.htm
Standard Contract Measures	个人信息出境标准合同办法	CAC, Order No. 13	Effective 2023-06-01	https://www.cac.gov.cn/2023-02/24/c_1678884830036813.htm
PIPL	中华人民共和国个人信息保护法	Standing Committee of the National People’s Congress	Effective 2021-11-01	https://www.cac.gov.cn/2021-08/20/c_1631050028355286.htm

Source status: CAC Order No. 16 and the related earlier rules listed above are official source anchors. This page does not infer thresholds, carve-outs, or filing outcomes beyond the official-source framework.

What the Provisions Are

The 2024 Data Flow Provisions were issued by the Cyberspace Administration of China as CAC Order No. 16. They are part of the public official framework for managing and regulating cross-border data flows. They should be read together with the PIPL, the Security Assessment Measures, the Standard Contract Measures, and other applicable rules.

Because they are later provisions in the same regulatory area, they are important for understanding the current source framework. At the same time, the exact impact of any provision depends on the official text and the facts of the activity.

Relationship to Earlier Rules

Earlier rules established mechanisms such as CAC security assessment and the standard contract route. The 2024 provisions interact with those mechanisms and may affect how certain data flow scenarios are managed. A careful reader should compare the provisions with the security assessment measures and the standard contract measures rather than reading any one document alone.

This page does not state that a company is outside the security assessment framework or that a standard contract filing is unnecessary. Those are fact-specific conclusions that require review against the current official text.

2024 Provisions Reading Table

Change area	Public-source effect	Related prior mechanism	Practical caution	Related page
Cross-border data flow management	The provisions form part of the current official CAC framework for promoting and regulating cross-border data flows.	Security Assessment Measures; Standard Contract Measures.	Do not read the provisions without comparing them to earlier rules and PIPL Article 38.	China Cross-border Data Transfer Route Comparison
Route analysis	The provisions may affect how certain scenarios are handled within the broader framework.	Security assessment, standard contract, certification, and other statutory conditions.	A page-level overview cannot determine whether a specific scenario is covered.	Security Assessment vs SCC vs Certification
Standard contract context	The provisions should be read with CAC Order No. 13 where the standard contract route remains relevant.	Standard Contract Measures and filing guidance.	Contract and filing questions still require current official materials and facts.	Standard Contract Measures Overview
PIPL relationship	For personal information, Article 38 remains the gateway article.	PIPL Articles 38, 39, and 40.	Later provisions do not replace careful PIPL reading.	PIPL Article 38 Explained

Relationship to PIPL Article 38

For personal information, PIPL Article 38 remains the gateway article for providing personal information outside China. The 2024 provisions should be considered within that broader framework. They may affect the practical analysis of transfer mechanisms, but they do not replace the need to read PIPL and implementing rules carefully.

Practical Reading Notes

When using the 2024 provisions in research, keep the following questions separate:

Question	Why it matters
What type of data is involved?	Personal information, important data, and other categories may be treated differently.
Which mechanism is being considered?	Security assessment, standard contract, certification, and other statutory conditions have different source bases.
Is the source text current?	Later official provisions may affect earlier route analysis.
Are facts complete?	Without the factual transfer scenario, route conclusions are not reliable.

Common Misunderstandings

The 2024 Data Flow Provisions are not a blanket exclusion from all cross-border data transfer obligations.
They do not replace the PIPL, Security Assessment Measures, or Standard Contract Measures.
They should not be used to make a company-specific route decision without reviewing the official text and facts.
A later CAC provision may adjust the analysis, but it does not remove the need to identify the data category, processor role, recipient, purpose, and applicable rule set.
Where a scenario appears to be affected by the provisions, the conclusion still requires careful source-based review.

Practical Use of This Page

Use this page to understand why CAC Order No. 16 belongs in current cross-border data transfer research. It is most useful as a bridge between earlier route-specific measures and current source-tracked analysis. It is not a substitute for reading the official provisions article by article.

Source and Review Note

This overview is based on official Chinese source documents listed above. It is for general informational reference only and is not legal advice. The official Chinese text prevails.