With China’s passage this month of its Cyber Security Law (the “Law”; unofficial English translation on China Law Translate), much of the attention in the international business community has focused on how business obligations will change for mainland China operations and how the law will generally affect cross-border handling of customer, operations, and other data. These are all legitimate questions, and this attention is bound to create additional questions for China’s regulators to answer. There is another area worth considering: To what extent may foreign businesses and individuals use the Law’s mandates to seek relief for data breaches and other cyber security compromises? Recent reports