Last month, the People’s Republic of China (PRC) announced plans to consolidate the country’s data protection functions into a single national data bureau tasked with regulating data privacy and data transfers for a nation of over 1.4 billion people. The announcement came almost a year and a half after China’s Personal Information Protection Law (PIPL) and Data Security Law (DSL) came into effect, which regulate the protection of personal information and the transfer of data out of China, respectively.

Given the number of multinational companies operating in China and targeting Chinese consumers, it is no surprise that the bureau’s establishment and the enactment of PIPL and DSL have garnered significant attention from companies seeking to ensure that their day-to-day operations do not run afoul of the new laws. However, these laws are not only affecting companies’ daily business operations—they also add an additional layer of regulations to the already complex process of exporting data from China for use in civil litigation in the United States.

Legal Impediments to Discovery Prior to PIPL and DSL