The Chinese digital sector is untouched by the ‘Great Firewall’, which protects the country’s online domains. But within it, controls have been less precise than it should have been, leading to reports of massive breaches of online privacy and questionable data practices. Now, the country has broken the whip on dishonest use of data with a new privacy law. Here’s what you need to know.
What does China’s data privacy law say?
The final version of the rules – called the Personal Information Protection Law (PIPL) – was passed by China’s National People’s Congress in August, but has yet to be issued. Reportedly set to go into effect from 1 November, the law is similar to most private data protection regimes around the world, including the European Union’s (EU) landmark General Data Protection Regulation (GDPR).
Like EU law, and those operating in India, PIPL covers not only Chinese entities but also any firm located outside the country that uses or stores data of Chinese citizens.
According to Reuters news agency, the law lays out the conditions for the collection of personal data and “sets out guidelines to ensure data security when data is transferred outside the country”. It also introduces provisions for obtaining consent of users for data collection.
Like the Indian Personal Data Protection (PDP) Bill – which is being examined by a joint committee of parliament – Chinese law mandates companies to “nominate a person in charge of personal information security”. The PDP Bill talks about a Data Protection Officer. which, among other things, will “act as a point of contact for the data principal (who owns the data) for the purpose of raising complaints”.
PIPL also stipulates that companies cannot deny services to individuals who refuse to share certain data, unless the collection of such data is critical to its business.
Why has it been brought?
China passed in June this year what is known as its Data Protection Law (DSL), which experts say “addresses all types of data, with perhaps a greater emphasis on handling non-personal information”. Together with PIPL, it represents China’s most concerted effort ever to create a system to protect personal data, even as the country runs massive electronic surveillance networks to track its citizens. is charged with.
The state-run Xinhua News Agency said PIPL also requires prominent signs to be installed in public places where image acquisition and personal identification equipment are installed, “determining that the collected images and identification information should only be used to protect public safety.” can be done for”.
Experts say that this law also clears the way for conflict with America. The EU GDPR has already seen tough crackdowns and heavy fines on the US-based tech giant. While Google and Facebook are not allowed to operate in China, the rules brought in by Beijing potentially form the basis for any US company that uses the data of Chinese citizens.
In fact, a report good As part of the DigiChina project, based at the Stanford University Cyber Policy Center, it said that “since China is such an important market, its data regulations have major implications for international businesses that deal with China in many ways”. And “almost” every major corporation in the world will need a China PIPL compliance strategy”.
What does the law mean for Chinese tech giants?
China has been lashing out at its tech giants lately and various state and consumer organizations have been coming up with rules and advice to regulate their operations. In January of this year, the China Consumer Association issued a statement rebuking tech firms for “bullying” consumers into buying and promoting.
China’s State Administration for Market Regulation (SAMR) has written rules to promote fair competition, while its Ministry of Industry and Information Technology has issued warnings to 43 apps for illegally transferring user data.
CNBC reported that the Chinese had intensified action against tech companies after forcing them to cancel an initial public offering of Alibaba-Ober Ant Group in November last year. It added that SAMR has fined Alibaba $2.8 billion in a recent anti-monopoly investigation.
The law proposes a fine of up to 50 million yuan (US$7.74 million) or up to five percent of the annual turnover of a company that violates the PIPL. The penalty is similar to the one prescribed under GDPR, which is €20 million, or 4% of the firm’s worldwide annual revenue from the previous fiscal year, whichever is higher.
read all breaking newshandjob breaking news And coronavirus news Here
.