Ning Xuanfeng (Susan)

Cybersecurity and Data Compliance under PRC Cybersecurity Law (“Cybersecurity Law”)

• Assist a domestic clearing institution in its data compliance system and provide legal advice on the legality of its overseas branch’s access to domestic data platform.
• Assist a renowned domestic company engaging in Internet news and information in the personal information protection compliance project, including due diligence on internal network security and data compliance based on compliance obligations under the Cybersecurity Law and its supporting measures.
• Assist a famous domestic mobile phone manufacturer in the personal information protection project, including identifying relevant risk points, proposing corresponding rectification proposals and conduct compliance training for employee in accordance with compliance obligations under the Cybersecurity Law and its supporting rules.
• Assist a renowned international company in consumer goods industry in due diligence on the data compliance of its suppliers regarding a data commercialisation application project and provide data compliance consultation services.
• Assist a globally renowned mobile Internet enterprise to communicate with government agency on data access issues, submit legal analysis and provide compliance advice on the collection and processing of personal information involved in its cloud computing services.
• Assist the famous domestic financial holding group in data compliance, data integration and asset-based management project. Assist the Company in guiding the implementation of data governance and integration project with scenario-based thinking based on the data sharing process and data lifecycle characteristics. Access the business data of members of the Financial Holding Group for lawful commercial utilisation.
• Assist an internationally renowned manufacturer of healthcare products, medical devices and pharmaceuticals in providing legal services for local cyber security and data compliance in China. Assisting the company in legally transferring relevant medical data and personal information across borders; and conducting compliance review of existing internal compliance policies and systems in accordance with existing laws and regulations. In addition, providing legal suggestions for further optimisation of internal compliance policies and procedures. 

GDPR Data Compliance

• Assist a famous well-known domestic fin-tech enterprise in the multi-jurisdictional data compliance project, including conducting due diligence on data processing activities of various business lines in accordance with GDPR requirements, identifying compliance risks in the data life cycle, proposing corresponding rectification opinions; updating and localizing the internal data compliance system for the company in accordance with diversified legal and regulatory requirements of other jurisdictions in which the company conducts business. 
• Assist a globally famous automobile manufacture in GDPR data compliance project, sort out collection, storage, use of personal data and cooperation with third parties possibly involved in the company’s EU business, analyse the potential issues concerning GDPR and provide suggestions for rectification.
• Assist a well-known domestic mobile phone operating system operator in the GDPR data compliance project, including revising privacy policy and terms of use, formulating internal compliance management policies; determining the country where the European data center to be located; selecting and appointing data protection officer; assisting the company in signing standard agreement concerning cross-border transfer of data; applying for third-party GDPR compliance certification, etc.
• Assist a renowned international computer operating system developer in GDPR data compliance project, including reviewing the existing global privacy policy, identifying the compliance risks which do not comply with the requirements of the Cybersecurity Law and GDPR, proposing a feasible improvement program and conducting GDPR compliance training for employees.
• Assist a famous ride-hailing platform in carrying out multi-jurisdictional data compliance projects, including building an international business data compliance system according to GDPR and specific obligations of laws and regulations in other overseas regions, and issued network security supervision status reports in multiple jurisdictions overseas; provides a customized implementation strategy based on the current practice of the clients, and provides comprehensive advice on the appointment of a data protection officer.

Antitrust and Competition Law

With the implementation of the Anti-Monopoly Law (AML) on 1 August 2008, Susan began to fully engage in the area of AML and anti-unfair competition law. Her practice in this area mainly includes merger control filings, antitrust investigations, compliance and antitrust litigation.

KWM officially established its Antitrust Group in 2003, which was the first specialised practice team in this area among Chinese law firms. Since 2003, Susan and her team have undertaken hundreds of merger control filings on behalf of clients, mostly consisting of multinational corporations from industries such as chemicals, semiconductors, luxury goods, transportation, hotels, automobiles, high technology, finance, trade, telecommunications, energy and the Internet. Susan has also assisted a number of clients on confidential investigations of cartel conducts, resale price maintenance and abuse of dominance and represented several landmark litigation cases in relation to monopoly agreements and abuse of dominance. Susan has advised a number of clients regarding establishing and improving their antitrust and competition compliance systems and conducting internal audits.

Susan’s representative projects include: 

Merger Control Filings

• Represent Whirlpool Corporation in the merger filing of Galanz’s acquisition of Whirlpool China.
• Represent Toyota and Panasonic in the merger filing of the establishment of a joint venture by Toyota and Panasonic in the area of electric car batteries.
• Represent Praxair in the merger filing of the merger between Praxair and Linde.
• Assist Monsanto in the merger filing of Bayer AG’s equity acquisition of Monsanto.
• Assist Tronox, a globally renowned supplier of inorganic minerals and chemicals, in the merger filing of its acquisition of the titanium dioxide business of Cristal, another leading company in the same industry and obtain clearance without condition.
• Assist Hisense in the merger filing of its acquisition of equities of Toshiba.
• Represent Mead Johnson in the merger filing of Reckitt Benckiser Group’s acquisition of equities of Mead Johnson.
• Represent Lam Research in the merger filing of the merger between Lam Research and KLA-Tencor.
• Assist Chinese shareholders of Blueair in the merger filing of Unilever’s acquisition of Blueair.
• Assist Sherwin Williams, a leading brand in the U.S. coating industry, in the merger filing of its acquisition of Valspar, another industry-leading company for $11.3 Billion.
• Assist Alcatel-Lucent in the merger filing of Nokia’s acquisition of equities of Alcatel-Lucent.
• Assist in the merger filing of the establishment of a joint venture by Corun, Toyota China, PEVE, Xin Zhong Yuan and Toyota Tsusho.
• Represent Nokia in the merger filing of Microsoft’s acquisition of equipment and services of Nokia.
• Assist Pfizer in the merger filing of Pfizer’s acquisition of Wyeth.

Antitrust Investigations and Compliance

• Represent a RORO shipping company to apply for leniency treatment in an investigation initiated by National Development and Reform Commission (NDRC) against an international cartel and assisted the client to obtain full immunity.
• Represent an auto part company to apply for leniency in an investigation initiated by NDRC against an international cartel and assisted the client to obtain full immunity.
• Represent a multinational smelting company on a complex antitrust dispute involving three different types of legal proceedings (international arbitration for IP infringement, civil antitrust litigation and administrative antitrust investigation), and assisted client in settlement with plaintiffs, and eventually received no penalties from NDRC.
• Represent a Standard Setting Organisation in an antitrust investigation initiated by NDRC on alleged abusive conducts, and assisted client to settle with whistleblower and investigation agency, and eventually received no penalties from NDRC.
• Represent a technology licensing company in an antitrust investigation initiated by NDRC on alleged excessive pricing and other abusive conducts and represented client before NDRC, and eventually received no penalties from NDRC.
• Represent a pharmaceutical company in an antitrust investigation initiated by NDRC and represented client before NDRC, and eventually received no penalties from NDRC.
• Represent an international pharmaceutical appliance company in antitrust investigations initiated by State Administration for Market Regulation (SAMR) and the NDRC, and the client eventually received no penalties from the NDRC.
• Represented a leading internet platform company in responding to administrative investigation with regard to a cartel allegation concerning joint procurement.
• Represented a leading multinational retail corporation in responding to administrative investigation resulting from complaints by Chinese retail giants.

Antitrust Litigation

• Represent the client in launching a lawsuit before the Higher People's Court in Jiangsu province against IDC (InterDigital Technology Corporation) and several other defendants accusing them of abuse of dominance in relation to SEP license issues. We eventually assisted the client to reach a favorable settlement agreement with the defendant.
• Advise Huawei in its lawsuit against IDC for abuse of dominance. This is the first antitrust litigation in China involving intellectual property issues relating to SEPs.
• Represent Qihoo in launching a lawsuit against Tencent with respect to abuse of dominance. This is the first antitrust litigation in China to involve comprehensive analysis of competition law and the first competition case to be heard by the Supreme People’s Court.

Antitrust Litigation

• Represent the client in launching a lawsuit before the Higher People's Court in Jiangsu province against IDC (InterDigital Technology Corporation) and several other defendants accusing them of abuse of dominance in relation to SEP license issues. We eventually assisted the client to reach a favorable settlement agreement with the defendant.
• Advise Huawei in its lawsuit against IDC for abuse of dominance. This is the first antitrust litigation in China involving intellectual property issues relating to SEPs.
• Represent Qihoo in launching a lawsuit against Tencent with respect to abuse of dominance. This is the first antitrust litigation in China to involve comprehensive analysis of competition law and the first competition case to be heard by the Supreme People’s Court.

International Trade and Investment Law

Susan started to practice international trade and investment law since 1995. She was one of the earliest Chinese lawyers in this area and has been widely recognised among her peers. Susan’s areas of practice in international trade include foreign direct investment (FDI), anti-dumping and countervailing duty. In 1997, Susan represented the client in the first anti-dumping investigation case in China. In 2002, Susan participated in the first WTO case after China’s accession to the WTO where she represented MOFCOM’s filing against U.S. safeguard measures on steel imports from China.

In 2008, Susan led a team to work as the sole Chinese legal counsel to the Beijing Organising Committee of the Games of the XXIX Olympiad. As head of the team, Susan provided a wide range of legal advice by reviewing, drafting, and revising various Chinese and English legal documents as well as participating in many key negotiations.

Major Publications

Her articles on the AML have been published by many renowned international competition law journals and publications, including Euromoney’s Competition & Antitrust Review and Global Competition Review. As the author of the Practice Guide to China Antimonopoly Law (published by CCH) and other works in law, she won Antitrust Writing Award by Concurrences in 2019.

Cybersecurity and Data Compliance

• Global Practice Guides Cybersecurity 2020-2024 Chambers China Chapter;
• Global Practice Guides Artificial Intelligence 2022-2024 Chambers China Chapter;
• International Comparative Legal Guide to Data Protection 2019-2024 China Chapter;
• International Comparative Legal Guide to Cybersecurity 2018-2024 China Chapter;
• International Comparative Legal Guide to AI, Machine Learning & Big Data 2021-2024 China Chapter;
• Bank Secrecy Laws (China), Thomson Reuters, January 2022;
• “Data Compliance Series 1 -- Reflections on the Facebook Incident”, KWM China Law Insight, March 2018;
• “The Wise and Informed Adapts to the Changing Time and Circumstances Discussing the Issues on ‘Information Technology – Personal Information Security Specification’ from a Practical Perspective”, LexisNexis China Legal Review, January 2018;
• “Observations and Perspectives on the 1st Year Implementation of CSL, on 2017 Final Issue of LexisNexis China Legal Review”, LexisNexis China Legal Review, December 2017;
• “Cybersecurity and Data Protection Issues in Chinese Enterprises’ Outbound Acquisition in the Context of ‘One Belt and One Road’”, Journal of Shantou University Journal of Cyber Affairs, Vol. 7, 2017;
• “Brief Analysis on the Impact of Data on Competition in the Big Data Era”, Journal of Shantou University Journal of Cyber Affairs, Vol. 5, 2017;
• “Important things must know since Cybersecurity law took effect”, KWM China Law Insight, August 2017;
• “Brief Analysis on the Regulations for the Security Protection of Critical Information Infrastructure (Draft for Comments)”, KWM China Law Insight, July 2017；
• “Whether ‘Big Data’ Could Facilitate Monopoly in the Platform Economy and How We Shall Step In”，Competition Policy International, June 2017;
• “Petya Attack Makes It A Proper Time to Prepare Emergency Plan for Cybersecurity Incidents”, KWM China Law Insight，June 2017;
• “Security of ‘NEW’ Internet services remains under ‘Supervision’”, KWM China Law Insight, June 2017;
• “The Cybersecurity Law and its Supporting Rules Take Off Today”, KWM China Law Insight, June 2017.

Antitrust and Competition

• “China Anti-Monopoly Law Guide”, published by CCH;
• “GCR Know-how—IP & Antitrust 2017”, Global Competition Review;
• “Practical Law Global Guides: Competition Guide—China Merger Control Q&A”, Thomson Reuters;
• “Practical Law Global Guides: Competition Guide—China Restraints of Trade and Dominance Q&A”, Thomson Reuters;
• “Practical Law Global Guides: Cartel Leniency Guide—China Q&A”, Thomson Reuters;
• “The Cognizance of Vertical Price Monopoly Agreement—The Fusion of Administration and Judicature, KWM China Law Insight, July 2017;
• “On the Revision of Measures for the Administration of Automobile Sales—From the perspective of Anti-monopoly”, KWM China Law Insight, April 2017;
• “Focusing on the Antimonopoly Guide of State Council on Intellectual Property”, KWM China Law Insight, March 2017;
• “Regulation on ‘Exclusive Arrangements’”, KWM China Law Insight, March 2017;
• “Monopoly Issues in Sharing Economy”, KWM China Law Insight, December 2016;
• “Analysis on Abuse of Comparatively Advantageous Position”, KWM China Law Insight, November 2016;
• “Abuse of Dominance: New Developments in the Tetra Pak Decision”, KWM China Law Insight, November 2016; 
• “Anti-Monopoly Laws and Regulations On Information Exchange in Major Jurisdictions”, KWM China Law Insight, August 2016; 
• “Chinese Court Rendered Final Judgment on Rainbow v. Johnson & Johnson – the First Antitrust Private Action of Vertical Monopolistic Agreement”, KWM China Law Insight, August 2013.