Companies now must reckon with the world’s latest heavyweight privacy law: China’s Personal Information Protection Law. China’s national legislature issued a draft of the country’s comprehensive privacy law on October 21, 2020, stepping to the center of the global conversation about privacy governance and data localization. The PIPL resembles the GPDR in many ways, an overlap that could ease international companies’ compliance efforts, but the law also will require companies to take substantial new compliance steps. This article includes detailed analysis of the PIPL’s provisions for processing PI in China and transferring it overseas, and the law’s global compliance effects, with insight from the ground in Beijing. See “Navigating China’s Cybersecurity Regulatory Maze” (Aug. 12, 2020).