Barbara Li

Norton Rose Fulbright LLP

Barbara Li

Barbara Li



Barbara Li is a corporate and TMT lawyer based in the Beijing office. Dual-qualified in the PRC and England and Wales, Barbara focuses her practice on China-related corporate and commercial matters, M&A, joint ventures and cross-border counselling.

She has a wealth of experience in the TMT industry and has over 17 years' experience of advising international companies on doing business in China. Previously she was in-house legal counsel for Ericsson in Beijing, China.

Barbara leads the firm's award-winning China TMT and FinTech practice. She is described as having "extensive experience in complex TMT regulatory issues" by Legal 500 Asia Pacific 2019, in which she is also recommended as a leading individual for M&A transactions in the Chinese market.

She is ranked as a recommended practitioner in the 2011-2018 editions of IFLR 1000 and the 2010-2011 editions of PLC Which Lawyer.

She is the vice-chair of the Cybersecurity Sub-working Group of the EU Chamber of Commerce and frequently writes and speaks at professional and industrial conferences.

Barbara graduated from the China University of Law and Political Science with an LL.B. (1989) and an LL.M. (1992), followed by an LL.M from King's College, London University (1997). She completed the Common Practice Examination course in 1999 and the Legal Practice Course in 2000.

Barbara is a native Chinese speaker and fluent in English.

Professional experience

Expand all Collapse all
  • Solicitor, qualified in England & Wales
  • Lawyer, qualified in People's Republic of China

Includes advising on the following:

  • A worldwide information services provider on its data project involving the collection, processing and transfer of data in China
  • An international airline company's risk analysis for its business models in China, including: collection, processing and transfer of data in China and cross-border electronic data transfer under PRC Cybersecurity Law
  • A global anti-virus software company on its software registration and data protection issues
  • A famous international airline company cross-border transfer of electronic data under the PRC Cybersecurity Law
  • A worldwide insurance broker company on the risk impact assessment regarding the notification obligation of information controller under the PRC Cybersecurity Law
  • An international travelling company on its data privacy policy regarding the collection, processing and transfer of customer data in China
  • A famous international fashion company on the risk analysis in relation to collection, processing and transfer customer data and notification obligation of the network operator under the PRC Cybersecurity Law
  • An international education group on data compliance issue
  • An international industrial and aerospace manufacturer on data protection compliance issue
  • A Canadian bank on the expansion of its e-banking business in China
  • A Canadian financial institution on the roll out of a BYOD scheme in China
  • A leading international property development company on the procedures on collection and use of customers' personal data for compliance with the relevant data privacy laws in China, and advising providing comprehensive advice on issues around marketing usage, data ownership, data transfer and processing, data access and correction rights, data retention and data security measures, and drafting privacy guidance and policy
  • A Nasdaq-listed US IT company on a major data and cyber security project in China, including comprehensive data compliance due diligence, drafting and reviewing China data program, privacy statement and data transfer agreement
  • A leading European insurance company on its insured in a cyber breach incident
  • A German automotive company on the consumer data protection matters
  • A Silicon Valley-based high-tech company on a wide range of regulatory and corporate matters, including: the strategy for entering into the PRC market, options and alternatives for establishing its business presence in China, technology licensings and cyber security and encryption matters, regulatory and licensing requirements for cloud computing business in China, and contractual arrangements with Chinese partners
  • An international pharma company on a compliance review of its practice in a range of Chinese cybersecurity laws, including advising on the collection, use and cross-border transfer of consumer data
  • An Australia-based international banking group on the digitalisation of its China banking business, covering a wide range of matters including e-signature, data protection and outsourcing
  • A NYSE-listed technology solutions company on its business strategy in handling data privacy and cyber security matters in China
  • An international bank on its BYOD project and data issues
  • A US-insurance company on its data policy in China
  • A European insurance company on financial data cross-border transfer issues
  • A European manufacturing company on its China data program for customer and employee data.
  • English
  • Mandarin Chinese