In the past two years the Chinese government, which has long pursued a security-centred approach to data, has been defining its own data governance regime. This Brief aims to shed light on China’s approach to data governance and outlines the challenges that it presents for EU governments and companies, particularly with regard to the risk of data protectionism.