The law is seen to be primarily targeted at technology companies which have grown increasingly powerful in China over the years.

[5] Article 36: The competent authorities of the PRC are to handle foreign justice or law enforcement institution requests for the provision of data, according to relevant laws and treaties or agreements concluded or participated in by the PRC, or in accordance with the principle of equality and reciprocity.

Domestic organizations and individuals must not provide data stored within the mainland territory of the PRC to the justice or law enforcement institutions of foreign countries without the approval of the competent authorities of the PRC.On September 28, 2023, the Cyberspace Administration of China (CAC) issued the draft Provisions on the Regulation and Promotion of Cross-Border Data Flows.

In the draft, CAC stated no government oversight is needed for data exports if regulators haven't stipulated that it qualifies as “important.”[6][7] Carolyn Bigg of law firms DLA Piper Hong Kong stated that the law represents: “another important piece in the overall data protection regulatory jigsaw in China”, making it: “complex" and "increasingly onerous" for international businesses to navigate through.

The law is seen to have wide-ranging implications and is seen as another step in the increasing lawfare between China and the United States in areas of trade, intellectual property and national security since the beginning of the US-China trade war which began in 2016.