The Chinese government’s recent passage of the Personal Information Protection Law (PIPL) sets the stage for its official People’s Republic of China (PRC) rollout on 01 Nov 2021. Alongside other data- and cyber-security‒related laws, this one seeks to bolster the PRC’s efforts to align with international standards. These laws have also been used to regulate the ever-powerful technology sector in the PRC. The introduction of the PIPL has sparked concerns about complying, particularly with regard to cross-border data transfers and the law’s extra-territorial application, which will affect just about every major firm globally. Businesses operating in the PRC should also be aware that the new law will likely help facilitate the PRC’s cyber-espionage efforts to gather intellectual property.