On January 1, 2026, the first major revision to China's Cybersecurity Law (CSL) since 2017 took effect. The National People's Congress Standing Committee adopted the amendment on October 28, 2025, and Chinese officials framed it around the "safe and sound development of AI" (NPC announcement, via PRC embassy). But the substance for global companies is blunter: penalties jump, extraterritorial reach widens, and the law's existing data-localisation architecture is consolidated rather than relaxed.
A tougher law
The headline change is money. Under the amended CSL, ordinary network-operator breaches that once drew only warnings now carry fines, and the most serious cases — large-scale data leaks or loss of critical-infrastructure functions — can reach RMB 2 million to RMB 10 million (roughly $280,000 to $1.4 million), with cybersecurity-certification violations rising from a RMB 100,000 ceiling to RMB 1 million (China Briefing; Mayer Brown). A new article affirms state support for AI — basic research, algorithms, compute, ethical norms, and risk monitoring — and the law now explicitly requires operators to comply with the Personal Information Protection Law (PIPL) and Civil Code when handling personal data. A revised Article 77 broadens liability to cover any overseas activity "endangering" China's cybersecurity, not just attacks on critical infrastructure.
Crucially, the core localisation rule is unchanged in spirit. Critical information infrastructure operators (CIIOs) must still store personal information and "important data" generated in China domestically, and pass a security assessment before any cross-border transfer. The amendment tightens enforcement around that obligation; it does not dismantle it.
The case for the regulator
The strongest argument for this regime is straightforward. A data-localisation-plus-assessment model gives a government genuine leverage over breaches of consequence: ransomware against power grids, mass leaks of citizens' biometric data, or exfiltration of strategically sensitive datasets. China's pre-2026 penalties were widely seen as too low to deter large operators, and aligning the CSL's sanctions with the PIPL and Data Security Law removes arbitrage where firms could pick the cheapest law to violate. Tiered fines that scale with harm — warnings for trivial lapses, eight-figure penalties for catastrophic ones — are, in principle, exactly the proportionality that good regulation should embody.
Where proportionality frays
The problem is not the ceiling; it's the discretion beneath it. "Important data" remains a famously elastic category, defined more by sectoral catalogues and case-by-case judgement by the Cyberspace Administration of China (CAC) than by a clear, ex-ante rule a compliance officer can apply. When the trigger for mandatory domestic storage is ambiguous and the downside is now RMB 10 million plus possible asset freezes on overseas entities, rational firms over-comply: they localise more data, transfer less, and treat routine analytics as a legal risk. That is a drag on the open, interoperable internet and on the very AI ambitions the amendment claims to champion. Frontier models are built on data that crosses borders, and a chilling effect on outbound flows is a tax on innovation that falls hardest on smaller and foreign firms without dedicated China legal teams.
The smarter half: easing routine flows
Here is the part that deserves more attention than the penalty headlines. Alongside the crackdown, China has spent 2024–2025 genuinely loosening everyday data exports. The March 2024 Regulations to Promote and Standardize Cross-Border Data Flows exempted whole categories of routine transfers; a non-CIIO that exports non-sensitive personal information of fewer than 100,000 individuals in a year now faces no formal mechanism at all (Pillsbury). Free-trade-zone "negative lists", adopted across Tianjin, Beijing, Shanghai, Zhejiang, and Hainan, let anything not on the list flow freely, and an April 2025 CAC Q&A confirmed that general data with no personal or important-data component crosses borders without restriction (China Briefing Q&A). On October 17, 2025, the CAC and the market regulator finalised a certification route for mid-scale exporters. That completes a three-pillar menu for transfers that do need a mechanism: security assessment, standard contract, or certification. Security-assessment approvals are also now valid for three years rather than two (Global Times).
This is the more economically literate instinct, and it works. By the CAC's own account, of 298 security assessments reviewed by March 2025, only 44 involved important data, and most data items were approved. In other words, the heavy machinery is being reserved for genuinely sensitive transfers while commercial traffic is waved through. That is closer to the risk-based, proportionate model the rest of the world should want China to converge toward.
What predictability would add
The two tracks are not contradictory so much as unevenly drafted. The easing track gives firms bright-line thresholds and exemptions they can plan around; the enforcement track gives them a vague "important data" trigger and a tenfold larger fine. The fix is not weaker security rules — it is the same clarity the FTZ negative lists already demonstrate, applied to the localisation obligation itself. A published, stable definition of important data, and enforcement that distinguishes negligent mega-leaks from good-faith ambiguity, would let the deterrence land where it belongs without taxing the routine flows China has correctly decided to free. China has built the better instrument already. It should let it govern the whole regime.