The Chinese National People’s Congress is currently considering a new cybersecurity law that could have a far-reaching impact on data management in China. While the legislation is not yet in effect, it highlights the need for companies to familiarize themselves with China’s varied data privacy and cybersecurity laws as they currently are, and how they may change in the near future. The first part of this two-part series provides insight from practitioners in China explaining the various sources of law governing data management in China and the types of information that are covered by the law. In the second part, we will explore practical implications of these laws with regard to employee relations, particularly during internal investigations and due diligence. See “Understanding the Far-Reaching Impact of Chinese State Secrets Laws on Data Flow” (Jul. 6, 2016) and “Six State Secrets and Data Privacy Considerations in Chinese Internal Investigations” (Aug. 3, 2016).