罗嫣 Yan Luo

March 2021

As the legal, regulatory, and commercial implications of coronavirus COVID-19 continue to evolve, our lawyers and advisors are helping clients navigate the complex considerations that companies around the world are facing and develop plans and strategies in response. Reach out to our COVID-19 task force at COVID19@cov.com. Below is a compendium of resources ...

January 29, 2021, Privacy Laws & Business

Yan Luo appeared on “Privacy Paths,” the Privacy Laws & Business’ podcast, to discuss China’s privacy draft law and other cybersecurity legislation.

January 20, 2021, Covington Alert

The Covington Technology Forum – Data in a Connected World, will be taking place on January 27th, 28th, and 29th. Intended for legal and business professionals who manage any aspect of the data economy for their organizations, the Forum will equip attendees with the information and insights they need in order to understand the evolving legal, regulatory and ...

January 12, 2021, Covington Alert

On January 9, 2021, China’s Ministry of Commerce released the Rules on Counteracting Unjustified Extraterritorial Application of Foreign Legislation and Other Measures, which took effect immediately. Specifically, the Rules are designed to “counteract” the extraterritorial application of “foreign [i.e., non-Chinese] legislation” or “measures” when such ...

October 23, 2020, Covington Alert

On October 21, 2020, the National People's Congress (“NPC”), China’s top legislative body, released its first draft of the Personal Information Protection Law (the “Draft Law”) for public comment (official Chinese version available here and Covington’s unofficial English translation here).  The period for public comment ends on November 19, 2020 and comments can ...

October 19, 2020, Covington Alert

On October 17, 2020, China enacted an Export Control Law (“the Law”) that builds upon China’s existing export control regulations, which are scattered across multiple laws, administrative regulations, and rules and measures issued by various departments, with the goal of creating a unified export control system to promote China’s national security and interests ...

October 19, 2020, The Wall Street Journal

Yan Luo is quoted in The Wall Street Journal regarding China’s new export restrictions. Ms. Luo says, “With recent events, China feels a greater need to have this export law in place.” Chinese authorities feel that export-control measures have been used against Chinese companies and they need a way to reciprocate. “The precise point is we don't know how they ...

September 21, 2020, Covington Alert

On September 19, 2020, China’s Ministry of Commerce ("MOFCOM") issued regulations that provide new details on the government’s plans for an “Unreliable Entity List” first proposed in May 2019.

July 20, 2020, Law360

Yan Luo is quoted in Global Data Review regarding China’s proposed data law intended to protect national security and the development of the digital economy. Ms. Luo says the law marks “a step forward” in establishing a regulatory framework for data security in China. She notes that the proposal has a particular focus on the governance of “important data”, ...

July 14, 2020, Global Data Review

Yan Luo spoke with Global Data Review about China’s  new provisions regarding the right to privacy and protection of personal information. Ms. Luo notes that the privacy provisions in the code are stated “only at a high level” – though she does point out that the provisions “remain consistent with [the] Cybersecurity Law.” She says the Civil Code and its privacy ...

July 9, 2020, Covington Alert

China has published a near-final draft of a new Export Control Law that, if enacted as drafted, would build upon China’s existing export control regulations, which are scattered across multiple laws, administrative regulations, and implementation rules, with the goal of creating a unified export control system to promote China’s commitment to nonproliferation ...

July 3, 2020, Computer Weekly

Yan Luo is quoted in Computer Weekly regarding China’s new draft data security law. Ms. Luo says, “China is considering allowing the law to have an extra-territorial effect that we have not seen before. They want to counteract the extra-territorial effect of U.S. law.” She adds that the law may require a technical audit of a company’s cyber security and to ...

May 29, 2020, Covington Alert

On May 27, Secretary of State Michael Pompeo certified to Congress pursuant to the Hong Kong Human Rights and Democracy Act of 2019 that "Hong Kong does not continue to warrant treatment under United States laws in the same manner as U.S. laws were applied to Hong Kong before July 1997." In a statement, Secretary Pompeo attributed this action to the announced ...

April 28, 2020, South China Morning Post

Yan Luo spoke with the South China Morning Post about new Chinese guidelines for operators of “critical information infrastructure,” requiring them to undergo a cybersecurity review process for any procurements that could have national security implications. According to Ms. Luo, the criteria may push companies to stay away from multinational providers that are ...

April 27, 2020, The Wall Street Journal

Yan Luo is quoted in The Wall Street Journal regarding China’s tough, new adoption of  cybersecurity rules for buyers of technology equipment, which could place foreign tech products at a disadvantage in the Chinese market. Ms. Luo says the prospect of potentially lengthy reviews may prompt Chinese companies to stay away from foreign products and services.

March 25, 2020, Covington Alert

USTR may exclude tariffs on Chinese imports related to COVID-19 response In response to COVID-19, the Office of the U.S. Trade Representative ("USTR") announced on March 20, 2020, that it is inviting comments on possible modifications to the list of goods from China subjected to additional tariffs under Section 301 of the Trade Act of 1974 (“Section 301 ...

March 18, 2020, Covington Alert

To assist companies that are developing technology solutions to help predict, mitigate or contain the spread of COVID-19, our cross-practice digital health team has put together a checklist of considerations to keep in mind. For additional guidance, please visit our COVID-19 Legal and Business Toolkit or reach out to us at COVID19@cov.com.

January 17, 2020, Covington Alert

On January 15, 2020, President Trump and Chinese Vice Premier Liu He signed the much-anticipated “Phase One” trade agreement between the U.S. and China. Set to take effect no later than February 14, 2020, the “Economic and Trade Agreement Between the United States of America and the People’s Republic of China” (the “Agreement”) is the first formal accord ...

January 8, 2020, Reuters

Yan Luo is quoted in Reuters Practical Law China's GC Agenda China with her thoughts on the new compliance challenges that China's new data privacy and cybersecurity regimes with bring. Specifically, Yan expects that China's draft Data Security Law and Personal Information Protection Law will be finalized in 2021. Together with the Cybersecurity Law, the three ...

October 31, 2019, Covington Alert

On October 26, 2019, China enacted a landmark Encryption Law, which will take effect on January 1, 2020. The Encryption Law significantly reshapes the regulatory landscape for commercial encryption, including foreign-made commercial encryption products, but leaves many questions to be answered in future implementing regulations.

October 21, 2019, Covington Alert

On October 18, 2019, the U.S. Administration announced the launch of a new product-specific exclusion request process for tariffs on approximately $112 billion in Chinese imports that were imposed on September 1, 2019. The exclusion process will close on January 31, 2020, and its requirements are similar to those applicable to the latest exclusion process for an ...

October 13, 2019, South China Morning Post

Yan Luo is quoted in the South China Morning Post regarding China's revised cybersecurity rules. Ms. Luo says many of the relevant cybersecurity requirements are “not that out of the global norm”, and unlikely to be a challenge for firms that already has “robust cybersecurity programmes.”

October 3, 2019, Global Data Review

Global Data Review covered Yan Luo’s recent promotion to partner. Ms. Luo is a member of GDR’s inaugural 40 under 40 set. “This experience has broadened my horizons and is very fulfilling for me personally,” she told GDR.

October 2, 2019, The American Lawyer

October 2019, Intellectual Property & Technology Law Journal

October 1, 2019

WASHINGTON—Covington has promoted to its partnership 14 lawyers based in eight different offices, including nine women and six lawyers of ethnically diverse backgrounds.   “Our new partners are exceptionally talented lawyers from a wide range of the firm’s offices and most important practices, and they are extremely well-positioned to carry the firm forward,” ...

August 30, 2019, Covington Alert

On August 27 and 29, 2019, the U.S. Administration released notices concerning increases in certain tariffs on Chinese imports, marking the latest escalation in bilateral trade frictions.

July 17, 2019, Covington Alert

On July 5, 2019, China’s Standing Committee of the National People's Congress (NPC) published a new draft Encryption Law (“the draft Law”) for public comment. The draft Law, if enacted as drafted, would bring significant new changes to China’s commercial encryption regime.

June 21, 2019, Covington Alert

Earlier this week, the Office of the U.S. Trade Representative (USTR) announced a process through which companies can request that their products be excluded from duties imposed on $200 billion in Chinese imports under Section 301 of the Tariff Act of 1974 (Section 301). Tariffs on these imports have been in effect since September 2018, and recently increased ...

June 18, 2019, GIR - The Guide to Cyber Investigations

June 10, 2019, TechNode

Yan Luo was quoted in Technode regarding China's evolving cybersecurity framework. Ms. Luo says foreign companies operating in China are pursing compliance through tailoring their existing global cybersecurity program to fit China's regulatory environment.

May 14, 2019, Covington Alert

On May 13, days after increasing tariffs on $200 billion in Chinese imports, the U.S. Administration proposed imposing an additional 25 percent tariff on a new list of $300 billion in Chinese imports. The Administration cited China’s “failure to meaningfully address” problematic intellectual property (IP) practices and its retaliatory responses to U.S. tariffs ...

May 8, 2019, Covington Alert

On May 8, the U.S. Administration confirmed its intent to increase tariffs on $200 billion in Chinese imports from 10 percent to 25 percent, effective Friday, May 10, 2019, and establish a process for requesting exclusions from these tariffs. As justification for these actions, the Administration cites the “lack of progress in discussions with China” and ...

March 31, 2019, The Economist Intelligence Unit

Yan Luo was acknowledged as an advisory board member for the special report The Transparent Business Barometer: Preparing for the End of Easy Data, published by the Economist Intelligence Unit. The report revealed key trends in data privacy and cyber security on global businesses through the survey of hundreds of business executives across China, the U.S., ...

February 19, 2019, Covington Alert

Late last week, President Trump signed an appropriations bill to keep the government funded. In its Joint Explanatory Statement accompanying this legislation, Congress directed the Trump Administration to establish an exclusion request process for tariffs on $200 billion in Chinese imports by March 17, 2019, in line with the process provided for prior rounds of ...

February 11, 2019, Covington Alert

On February 1, 2019, China’s National Information Security Standardization Technical Committee (“TC260”) released a set of amendments to GB/T 35273-2017 Information Technology – Personal Information Security Specification (“the Standard”) for public comment. The comment period ends on March 3.

January 2, 2019, Covington Alert

The past year was a particularly significant one for the development of Chinese privacy law. During 2018, the Chinese government systematically established the country’s regulatory requirements for cybersecurity and data privacy and continued to implement the Cybersecurity Law, which took effect on June 1, 2017.

December 3, 2018, Covington Alert

On December 1, during a working dinner meeting in Buenos Aires following the G20 Summit, U.S. President Donald J. Trump and Chinese President Xi Jinping agreed to temporarily ease trade tensions as both sides continue negotiating over longer-term solutions to U.S. concerns about bilateral economic relations.

September 19, 2018

BEIJING — Global Data Review has named Covington’s Yan Luo to its inaugural “40 Under 40” list, recognizing the 40 individuals who represent the best and the brightest of the data law bar around the world. Based in the firm’s Beijing office, Ms. Luo advises clients on a broad array of regulatory matters in connection with data privacy, international trade, ...

September 18, 2018, Covington Alert

On September 17, 2018, the Office of the U.S. Trade Representative (USTR) released its final list of approximately $200 billion in Chinese imports subject to an additional ad valorem tariff. The final list, which covers 5,745 product categories, will take effect on September 24, 2018.

August 8, 2018

The Trump Administration has released its final list of approximately $16 billion in Chinese imports that will be subject to an additional 25 percent ad valorem tariff, which will go into effect on August 23, 2018. The Administration has announced that it will provide an opportunity to request that "particular products" subject to the additional duties be ...

July 11, 2018, Covington Alert

Last night, the Office of the U.S. Trade Representative (“USTR”) released a new proposed list of $200 billion worth of products from China that could face an additional 10 percent ad valorem tariff. The list covers 6,031 product categories, including a multitude of consumer goods such as luggage, tires, furniture, apparel, mattresses, household goods, components ...

July 10, 2018, Covington Alert

As anticipated, an additional 25 percentage point ad valorem tariff on $34 billion worth of Chinese imports into the United States (covering 818 product categories in sectors including aerospace, information communication technology, machinery, and medical instruments) went into effect on July 6, 2018.

July 5, 2018, Covington Alert

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

June 15, 2018, Covington Alert

As anticipated, the Trump Administration today released its final list of Chinese imports subject to an additional 25 percent ad valorem tariff. The imposition of the tariffs follows the Administration’s determination in March that China’s technology transfer and intellectual property (“IP”) policies are harming U.S. companies, and the submission of public ...

May 4, 2018, Covington Alert

The Trump Administration’s senior economic and trade officials held talks with their Chinese counterparts in Beijing, May 3-4. The talks concluded with no agreement, and each side tabled expansive demands that appear well beyond what the other side would be able to accept.

April 1, 2018, Financial Times

Yan Luo is quoted in a Financial Times article regarding survey findings that suggest that more than half of Chinese internet finance lenders are failing to comply with data privacy regulations. According to Luo, “Investors should certainly expect more government scrutiny on their business model from a data protection perspective."

March 22, 2018, Covington Alert

Earlier today, the administration announced its findings that China’s theft of U.S. technologies and intellectual property (“IP”) have caused at least $50 billion in harm to the U.S. economy per year.

January 1, 2018, Law360

Kristof Van Quathem and Yan Luo are quoted in a Law360 article regarding cybersecurity and privacy policies to watch in 2018. Commenting on the General Data Protection Regulation (GDPR), Van Quathem says that although one of the legislation's aims is to harmonize a splintered set of national data privacy laws within Europe, it may end up causing companies aiming ...

October 13, 2017, Covington Alert

In a draft regulation released earlier this year, China proposed regulating the import, export, manufacture, sale, and use of “commercial encryption products,” building on a patchwork of regulations.1 These regulations have focused on restricting the import and use of encryption products produced by certain manufacturers, and many entities have expressed concern ...

August 31, 2017, Covington Alert

On August 31, 2017, China’s National Information Security Standardization Technical Committee (“NISSTC”), a standard-setting committee jointly supervised by the Standardization Administration of China (“SAC”) and the Cyberspace Administration of China (“CAC”), released an updated draft of the Information Security Technology - Guidelines for Data Cross-Border ...

July 21, 2017, Covington Alert

On June 16, 2017, China’s Ministry of Commerce (MOFCOM) released for public comment a draft of the Export Control Law (“the Draft Law”). While China has a number of regulations relating to export controls and has signed numerous nonproliferation agreements, the Draft Law would be China’s first law specifically addressing export controls and would implement an ...

July 12, 2017, Covington Alert

On July 11, 2017, the Cyberspace Administration of China (CAC) released the draft Regulation for the Protection of the Critical Information Infrastructure (“Draft Regulation”) for public comment (official Chinese version available here). The comment period ends on August 10, 2017.

June 1, 2017, The Hill

Yan Luo is quoted by The Hill in an article regarding some of the uncertainties surrounding China's new Cybersecurity Law. Under the new law, cross-border data transfers for operators of "critical information infrastructure" are subject to security reviews and restrictions. According to Luo, "We don’t really have a definition of critical information ...

May 19, 2017, Covington Alert

On May 19, 2017, the Cyberspace Administration of China (“CAC”) invited international stakeholders to attend a seminar to discuss an updated version of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Measures”). Given that the Measures have an intended effective date of June 1, 2017, it is likely ...

May 9, 2017, Covington Alert

On April 13, 2017, China’s State Cryptography Administration (“SCA”) published a draft Encryption Law (“the draft Law”) for public comment. After several years of drafting, the draft Law, if enacted as drafted, would be the first Chinese statute to systematically address encryption, covering “the research, production, management, import and export, testing, ...

May 3, 2017, Covington Alert

On May 2, 2017, the Cyberspace Administration of China (“CAC”) released the final version of the Measures on the Security Review of Network Products and Services (Trial) (“the Measures”), with an effective date of June 1, 2017 (official Chinese version available here). The issuance of the Measures marks a critical first step toward implementing China’s ...

April 12, 2017, Covington Alert

On April 11, 2017, the Cyberspace Administration of China (“CAC”) released a draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the Draft Measures is appended at the end of this alert).

February 7, 2017, Covington Alert

On February 4, 2017, the Cyberspace Administration of China (“CAC”) released the draft Measures on the Security Review of Network Products and Services (“the draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the draft Measures is here). The comment period ends on March 4, 2017.

January/February 2017, EuroBiz

January 23, 2017, Covington Alert

On January 9, 2017, eight Chinese ministries announced a significant new policy that aims to reduce marked-up prices and corruption in multi-tier distribution chains. The policy effectively requires that under most circumstances, at most two invoices may be issued throughout the distribution chain, with one from the manufacturer to a distributor and another from ...

December 15, 2016, Law360

November 8, 2016, Covington Alert

On November 7, the Standing Committee of China’s National People’s Congress (“NPC”) passed China’s first Cybersecurity Law (the “Law”), which will take effect starting June 1, 2017. Described as China’s “fundamental law” in the area of cybersecurity, the new Law articulates the government’s priorities with respect to “cyberspace sovereignty,” consolidates ...

October 16, 2016, China Cybersecurity Law Governance Conference

July 12, 2016, Covington Alert

On July 5, 2016, China’s National People’s Congress (“NPC”) released a new draft of the Cybersecurity Law for public comment (official Chinese version available here; unofficial translation from AmCham China available here). The revised draft contains a number of significant changes from the first draft, which was released in July 2015, but retains many of the ...

June 7, 2016, EURObiz

May 6, 2016, Insight

May 2, 2016, Law360

July 13, 2015, China Law & Practice

July 10, 2015, Covington Alert

July 2, 2015, Covington Alert

June 9, 2015, Covington Alert

February 20, 2014, Covington E-Alert

Winter 2014, Competition Policy International

July 19, 2013, Covington E-Alert

January 4, 2013, Covington E-Alert

May 15, 2012, Covington E-Alert

Spring 2012, Monopoly Matters

Spring 2012, Monopoly Matters

March 2010, Kluwer Law International