The newly passed Cybersecurity Law of the People’s Republic of China will take effect in June 2017, and it is expected to have a significant impact on multinationals doing business in mainland China. The law affects both domestic and foreign companies operating on the Chinese mainland and covers a wide range of activities including the use of the internet, information and communications technologies, personal data, national security and more.

The difficulties with determining the steps needed to comply with such sweeping changes are only complicated by the fact that a large number of key terms in the law have yet to be clearly defined. As a result, China’s new Cybersecurity Law will continue to evolve as the national government interprets it.

Here are some key provisions to follow in the coming months.