Overview & Analysis
The Provisions on Promoting and Regulating Cross-Border Data Flows are the master optimization layer of China's cross-border data regime. Issued in March 2024, they do not replace the Security Assessment Measures (Order 11), Standard Contract Measures (Order 13), or Certification Measures — but where those instruments are inconsistent with these Provisions, these Provisions prevail. Their core purpose is to promote the lawful, orderly, and relatively free flow of data while still safeguarding data security and personal information rights. They do this in three principal ways: establishing a comprehensive exemptions framework that removes many ordinary business transfers from the outbound-mechanism requirements entirely; restating the tiered thresholds that determine which mechanism applies for non-exempt transfers; and introducing important updates including extending security assessment validity from two to three years (renewable for a further three years), shifting threshold counting from the previous year to the current year for certain provisions, and clarifying that data not officially designated as "important data" need not be treated as such for outbound assessment purposes.
The Provisions matter greatly for AI because many AI operating models depend naturally on cross-border data flows — global model training, centralized analytics, intra-group data sharing, cross-border HR and customer-service functions, overseas cloud coordination, global risk management, and unified product optimization. Legal commentary has widely viewed the Provisions as materially reducing compliance burdens for many ordinary business scenarios, especially for multinationals. For AI builders and adopters, the key shift is that China is no longer treating all outbound data transfers through a single heavy-approval lens, but is moving toward a more tiered regime based on data type, use case, and volume — with a meaningful set of exemptions available to companies that design their data flows carefully.
All thresholds in these Provisions use cumulative volumes since January 1 of the current year. Exemptions under Articles 3, 4, 5, and 6 take priority over these thresholds when they apply.
| Outcome | Condition (non-CII processors, current year) | Legal Basis |
|---|---|---|
| EXEMPT from all mechanisms | Cumulative outbound non-sensitive PI <100K individuals since Jan 1 (current year) | Article 5(4) |
| Standard Contract OR Certification | Cumulative outbound non-sensitive PI ≥100K but <1M individuals; OR sensitive PI <10K individuals | Article 8 |
| Security Assessment required | Cumulative outbound non-sensitive PI ≥1M individuals; OR sensitive PI ≥10K individuals; OR any important data; OR CII operator providing any PI or important data | Article 7 |
In the AI context, these Provisions are most relevant not to the algorithm itself, but to the data flows behind the AI system: what data leaves China, what data is collected abroad and processed in China, and what must be shared with headquarters, overseas R&D centers, global cloud platforms, foreign vendors, or multinational customers. The Provisions' main practical value is that companies no longer need to assume that every outbound transfer triggers the heaviest process.
1. China Business Data Used for Global AI Training, Analytics, or Product Optimization
If the outbound data does not include personal information or important data, the Article 3 exemption may apply, removing all mechanism requirements. Where China-origin personal information is involved, the volume thresholds determine the applicable mechanism. For AI programs, this means a "global unified data lake" is not necessarily prohibited — but it requires careful data classification and routing design to identify which flows are exempt and which need contracts or assessment.
2. Using Foreign AI Vendors, Overseas Cloud, or Headquarters Model Platforms
If China teams input personal information, customer-interaction data, employee data, or business data into overseas AI tools or cloud environments, that may constitute providing data abroad. The company must first assess exemptions (Articles 3–6), then assess cumulative volumes against the tiered thresholds. Below 100K non-sensitive PI individuals per year, transfers are exempt under Article 5(4). The result directly determines whether a unified global AI platform remains viable or whether China localization and traffic segregation are needed.
3. Cross-Border HR Management AI Applications
The Provisions expressly include cross-border HR management carried out under lawful labor rules and collective contracts as an Article 5(2) exempt scenario. For multinationals using AI for recruiting, talent profiling, performance analytics, training recommendations, and workforce planning, where these purposes are grounded in the company's lawful labor-rules/collective-contract framework, the transfer of employee personal information may be exempt from all outbound mechanisms — a significant compliance relief for HR AI applications.
4. Cross-Border Customer Service, Transaction Performance, and Marketing AI
Article 5(1) exempts personal information transfers necessary for contract performance (cross-border shopping, delivery, remittance, payment, account opening, hotel/airline reservations, visa processing, exam services). Article 3 exempts trade, transport, manufacturing, and marketing data that contains no PI or important data. For AI in e-commerce, cross-border payment risk engines, customer-service assistants, and international marketing analytics, companies need to distinguish data necessary for contract performance — more likely exempt — from broader data reuse for model training or profiling, which may require further analysis.
5. Building AI Operations or Data Hubs Inside a Pilot Free Trade Zone
The Article 6 FTZ negative list mechanism allows data outside the designated negative list to flow overseas without security assessment, standard contracts, or certification. For AI companies and multinational adopters, this creates potentially more flexible room for China-based data hubs, algorithm development centers, or regional digital operations centers — but requires the local FTZ to have actually adopted and filed its negative list. Companies should check the specific local negative list and not assume that being located in a Free Trade Zone automatically exempts all outbound transfers.
The biggest practical value of these Provisions is that they turn the question "Can a China AI project still work with the global architecture?" from an overly conservative legal debate into an operating-model issue that can be managed through classification, segmentation, and workflow design.
Start with "What Kind of Data Is This?" — Not "Can It Leave China?"
The most common management mistake is debating whether data should go to headquarters before classifying the data itself. The key first questions are: Does the dataset contain personal information, sensitive personal information, or important data? Is the company a CII operator? Require teams to break flows into categories: pure operational data, anonymized data, ordinary PI, sensitive PI, and potentially important data. The earlier this classification happens, the easier it is to preserve a workable global AI architecture.
Design AI Data Flows as Multiple Routes, Not One Global Channel
Data with no PI or important data can follow the Article 3 exemption route. Cross-border HR, contract-performance, and offshore-collected/China-processed/offshore-return data can be assessed for specific exemptions. Projects in the middle volume range can use standard contracts or certification. Higher-volume, sensitive, or CII-related scenarios may need security assessment or localization. This prevents treating all AI use cases as "cannot leave China" because one category is complex.
Build a China AI Data Map and Current-Year Counting Mechanism
The Provisions' thresholds use cumulative volumes since January 1 of the current year. Companies need operational visibility — not just legal principles — into actual volumes. Build a transfer register for important AI projects showing what China-origin data is sent to which overseas recipient, what type, how many individuals, and whether data enters training, inference, monitoring, or support. Without a counting mechanism, companies can cross thresholds without realizing it.
Treat Transfer Mechanisms as Architecture Selectors, Not Just Legal Paperwork
These mechanisms often determine the technical path. If outbound volume falls into the middle band, standard contracts or certification may allow continued use of a global model platform. If thresholds are higher or important data is involved, security assessment becomes the heavier route, and the company may need to reconsider local inference, local training, field minimization, or a China-dedicated instance. Bring these mechanisms into architecture choices at the project-design stage.
Actively Use the Exemption Space for HR, Customer Service, and Marketing AI
The Provisions create clearer exemptions for many of the most common multinational transfer scenarios. Cross-border HR under lawful labor rules, contract performance, offshore-collected data returning offshore after China processing, and operational data without PI or important data all provide more practical room for AI use. Require teams to assess each use case for exemption applicability and keep a supporting rationale on file. Do not continue applying the most conservative assumptions from the prior regime.
Do Not Auto-Classify Sensitive Business Data as "Important Data" — But Keep a Filter
Article 2 expressly provides that where data has not been notified or publicly designated as important data by relevant authorities, processors do not need to treat it as important data for outbound assessment. This reduces much of the prior uncertainty around the concept. However, it is prudent to maintain an internal screen for highly sensitive sectoral, operational, industrial, and public-service data and to monitor regulatory notices. Benefit from the relaxation while keeping a defensible decision trail.
Treat China Localization Capability as an Option, Not the Default Separation
Many multinationals default to complete localization when facing outbound data constraints. The Provisions' message is that full localization is no longer the only viable path. A more balanced approach: keep local deployment, local inference, local storage, and China-specific model instances as tools for higher-risk or higher-threshold cases only, while preserving global-platform coordination where exemptions apply or where volumes remain below thresholds. Avoid over-isolating China technologically when lower-burden routes are available.
Even When Exempt, the Baseline PI and Data Security Obligations Remain
An exemption from the outbound mechanism reduces the transfer-procedure burden — but not the underlying governance duties. Article 10 requires that when PI is provided abroad, processors still fulfill duties such as informing individuals, obtaining separate consent, and conducting PIPIAs where required. Article 11 requires data security protection and reporting of incidents. The faster the company wants to move, the more useful it is to template and operationalize these baseline controls so they are not skipped in the rush.
For multinational companies, the greatest value of these Provisions is that they move China AI projects away from a false binary of either "full localization" or "high-risk outbound transfer." They provide a more granular rule set that allows companies to design smarter data flows, system boundaries, and compliance paths. The most effective operating model is to embed the Provisions into AI project intake, data classification, architecture design, and vendor management so that compliance analysis becomes a design input rather than a launch blocker.
Complete Regulatory Text
Table of Contents
(1) Where it is necessary to provide personal information abroad for the conclusion or performance of a contract to which the individual is a party, such as cross-border shopping, cross-border delivery, cross-border remittance, cross-border payment, cross-border account opening, airline and hotel reservations, visa processing, examination services, etc.;
(2) Where it is necessary to provide employees' personal information abroad for cross-border human resources management in accordance with legally formulated labor rules and regulations and legally concluded collective contracts;
(3) Where it is necessary to provide personal information abroad in emergency situations to protect the life, health, and property safety of natural persons;
(4) Where data processors other than critical information infrastructure operators cumulatively provide personal information (excluding sensitive personal information) of fewer than 100,000 individuals abroad since January 1 of the current year.
The term "providing personal information abroad" as referred to in the preceding paragraph does not include important data.
Data processors within Pilot Free Trade Zones that provide data abroad outside the scope of the negative list may be exempt from applying for data export security assessment, entering into standard contracts for the export of personal information, or passing personal information protection certification.
(1) Where a critical information infrastructure operator provides personal information or important data abroad;
(2) Where a data processor other than a CII operator provides important data abroad, or cumulatively provides personal information of more than 1 million individuals (excluding sensitive personal information) or more than 10,000 individuals' sensitive personal information abroad since January 1 of the current year.
Where the circumstances fall under Articles 3, 4, 5, or 6 of these Provisions, those provisions shall apply.
Where the circumstances fall under Articles 3, 4, 5, or 6 of these Provisions, those provisions shall apply.
促进和规范数据跨境流动规定
(2024年3月22日公布施行,第16号令)
来源:中国网信网 本规定与第11号令、第13号令不一致的,适用本规定(第十三条)。
目 录
(一)为订立、履行个人作为一方当事人的合同,如跨境购物、跨境寄递、跨境汇款、跨境支付、跨境开户、机票酒店预订、签证办理、考试服务等,确需向境外提供个人信息的;
(二)按照依法制定的劳动规章制度和依法签订的集体合同实施跨境人力资源管理,确需向境外提供员工个人信息的;
(三)紧急情况下为保护自然人的生命健康和财产安全,确需向境外提供个人信息的;
(四)关键信息基础设施运营者以外的数据处理者自当年1月1日起累计向境外提供不满10万人个人信息(不含敏感个人信息)的。
前款所称向境外提供的个人信息,不包括重要数据。
自由贸易试验区内数据处理者向境外提供负面清单外的数据,可以免予申报数据出境安全评估、订立个人信息出境标准合同、通过个人信息保护认证。
(一)关键信息基础设施运营者向境外提供个人信息或者重要数据;
(二)关键信息基础设施运营者以外的数据处理者向境外提供重要数据,或者自当年1月1日起累计向境外提供100万人以上个人信息(不含敏感个人信息)或者1万人以上敏感个人信息。
属于本规定第三条、第四条、第五条、第六条规定情形的,从其规定。
属于本规定第三条、第四条、第五条、第六条规定情形的,从其规定。
