With the European Union’s General Data Protection Regulation (GDPR) deadline for compliance imminent, there’s been a focus on whether U.S.-based multinational company can get their data practices up-to-date in time for compliance. As to how the GDPR will coexist on the global business stage alongside China’s controversial Cybersecurity Law, however, is a different story.

Set into effect in June 2017, China’s Cybersecurity Law (CSL) has been a source of controversy. Initially promoted as a method for enhancing national cybersecurity, the law requires that “network operators” store data within China while allowing government officials access to it. What’s more, many have criticized it for having vague language and penalties disproportionate with infractions, as well as providing Chinese companies a considerable advantage while risking intellectual property.