In order to expand the high-level opening up and stimulate the value of data elements, on March 22, 2024, the National Cyberspace Office issued and implemented the Provisions on Promoting and Regulating the Cross border Flow of Data (hereinafter referred to as the Provisions) to promote the orderly and free flow of data according to law. Since the implementation of the Regulation one year ago, positive results have been achieved in the management of data export security. A batch of cross-border data facilitation measures have been introduced one after another, and enterprises have generally responded positively. The Regulation clarifies the situations where cross-border shopping, cross-border delivery, cross-border remittance, cross-border payment, flight and hotel booking, cross-border human resources management, and overseas data processing are exempt from applying for data export security assessment, entering into personal information export standard contracts, and obtaining personal information protection certification for data export. It relaxes the conditions for cross-border data flow and narrows the scope of data export security assessment. After the promulgation of the "Regulations", the average monthly acceptance of data export security assessment projects decreased by about 60%, and the average monthly filing of personal information export standard contracts decreased by about 50%, which basically achieved the expected effect of promoting cross-border data flow. In addition, in order to implement the Regulations, the National Cyberspace Office cooperates with the People's Bank of China, the Ministry of Industry and Information Technology and other departments to formulate guidelines on data exit in the fields of finance, automobile and other fields, and provide operational guidelines for enterprises to effectively exit data; Guide the National Network Security Standardization Technical Committee to release the "Classification and Grading Rules for Data Security Technology Data" (GB/T 43697-2024), providing reference for enterprises to identify important data; Publish the "Draft Measures for the Protection and Certification of Personal Information for Outbound Personal Information (Soliciting Opinions)", clarifying the purpose, basis, applicable circumstances, and certification content of personal information protection certification for outbound personal information. Enterprises generally reflect the continuous optimization of data export management policies and truly feel the convenience of data export brought by the Regulations. 2. The time required for data export security assessment has been significantly reduced, and the efficiency of security assessment work has been significantly improved. The Cyberspace Administration of China, together with relevant departments of the State Council, has established a special working mechanism for national data export security management, continuously optimized the workflow of data export security assessment, strengthened departmental collaboration, and formed a working force. One is to update and release the "Guidelines for Data Export Security Assessment Declaration", optimizing and simplifying the materials that enterprises need to submit. The second is to launch a data export declaration system, providing enterprises with an online submission channel for materials, significantly reducing material circulation time. Thirdly, we will organize six provincial-level Cyberspace Administration offices in Beijing, Tianjin, Shanghai, Jiangsu, Zhejiang, Guangdong, and other regions to pilot the pre assessment of data export security, and work together with the central and local governments to improve the efficiency of security assessment. Fourthly, the Ministry of Commerce and the Cyberspace Administration of China will establish a green channel mechanism for the security assessment of data export of foreign-invested enterprises, providing convenience for data export of foreign-invested enterprises (including foreign-funded research and development centers) operating in China within a reasonable range. Through the above work measures, the average time for data export security assessment is currently less than 30 working days, which is significantly reduced compared to the 45 working days stipulated in the "Measures for Data Export Security Assessment". 3. Multiple regions have released negative lists for the export of data from pilot free trade zones, and the implementation of the negative list system has shown initial results. The Regulation establishes a negative list system for data export from pilot free trade zones, encourages pilot free trade zones to develop negative lists for data export based on their actual situation, and exempts data outside the negative list from applying for security assessments, entering into standard contracts, and obtaining protection certification. This is an innovative measure to promote and facilitate cross-border data flow in pilot free trade zones. Implementing the Regulations, the Cyberspace Administration of China and the National Data Administration jointly issued a notice clarifying the policy positioning, filing subject, and filing process of the negative list. At present, the negative list for data export from pilot free trade zones (ports) in Tianjin, Beijing, Hainan, Shanghai, Zhejiang and other places has been filed, promoting cross-border data flow in 17 fields including automobiles, pharmaceuticals, retail, civil aviation, reinsurance, deep-sea industries, and seed industries. Some enterprises in China have achieved efficient and convenient data export through the negative list model, and the implementation of the negative list system for data export has shown initial results. At the same time, in accordance with the principle of "formulating in one place and applying in multiple places", guide the pilot free trade zones to do a good job in connecting the application of negative lists for data export. For the same field, if there is already a negative list published by the pilot free trade zone, other pilot free trade zones can refer to it for implementation. 4. The promotion of data export security management policies has become more in-depth, and the compliance capability of enterprise data export continues to improve. One is to establish a "Data Governance" column on the homepage of China NetEase, which will showcase policies, regulations, standard guidelines, negative lists, and other documents related to data export security management, making it convenient for enterprises to access and use. The second is to hold policy lectures in 16 cities including Beijing, Shanghai, Shenzhen, and Hangzhou, interpreting data export security management policy standards and explaining practical cases to more than 2400 enterprises and institutions across the country; Hold a symposium on cross-border data flow policies for EU enterprises in China in Beijing, communicate and exchange ideas with enterprises, and respond to their concerns. The third is to publicly release the "Compliance Guidelines for China's Data Export", which systematically elaborates on data export security management policies and compliance points through graphical representation. Fourthly, the national and provincial cyberspace administration departments have opened and released data outbound consultation hotlines, providing regular consultation services and answering common questions encountered by enterprises. Enterprises generally reflect that the cyberspace administration department is constantly exploring and regulating the cross-border flow of data, strengthening interaction with enterprises, responding to their problems and demands, and continuously optimizing the data export security management mechanism. Enterprises have a more accurate understanding and grasp of relevant policies, and their compliance capabilities have significantly increased. 5. Actively carry out bilateral and multilateral digital governance dialogues and exchanges, and steadily promote cross-border data cooperation with foreign countries. Publish the Global Cross border Data Flow Cooperation Initiative, advocating for governments of all countries to jointly build an efficient, convenient, and secure mechanism for cross-border data flow, and help promote the development of the global digital economy. Actively carry out multilateral and bilateral digital governance cooperation, explore the establishment of special institutional arrangements with relevant countries and regions on cross-border data flow in accordance with the principle of reciprocity and mutual benefit. The Cyberspace Administration of China and the European Commission's Directorate General for Trade have established a cross-border data exchange mechanism between China and Europe and held their first meeting; Signed a Memorandum of Understanding on Cross border Data Flow Cooperation between China and Germany with the German Ministry of Digitalization and Transport, establishing a dialogue mechanism for "China Germany Data Policy and Regulation Exchange". The Cyberspace Administration of China, the Innovation, Technology and Industry Bureau of the Hong Kong Special Administrative Region Government, and the Economic and Financial Secretary of the Macao Special Administrative Region Government have successively signed a Memorandum of Cooperation on Promoting Cross border Data Flow in the Guangdong Hong Kong Macao Greater Bay Area, and released relevant policy documents to promote cross-border data flow in the Guangdong Hong Kong Macao Greater Bay Area. Next, the Cyberspace Administration of China will anchor the goal and task of establishing an efficient, convenient, and secure cross-border data flow mechanism proposed at the Third Plenary Session of the 20th Central Committee of the Communist Party of China. We will adhere to the coordinated development and security, work together with various regions and departments to promote the implementation and effectiveness of data export security management policies, continuously optimize and improve the work mechanism, strengthen policy promotion, actively promote cross-border international data exchange and cooperation, guide and assist enterprises and institutions in efficiently and compliantly carrying out data export activities, strive to build a data export security management system that is compatible with high-quality development, and help promote the healthy and sustainable development of the digital economy. (New Society)