China gives green light to new law protecting personal data amid privacy violation concerns

China gives green light to new law protecting personal data amid privacy violation concerns

China’s national congress has passed a new law created to further regulate the country’s cyberspace and protect online user data amid concerns of mismanagement and misuse that violated people’s privacy.

On Friday, China's National People’s Congress gave the green light to the Personal Information Protection Law designed to safeguard online users, according to state media outlet Xinhua. It will be formally implemented on November 1 and looks to clamp down on the supposed widespread mismanagement and misuse of personal data. 

Chinese firms will be told they need to ensure better storage of user data and that they must also obtain an individual's consent before harvesting identifiable information. Companies will also need to adhere to new protocols for ensuring data protection when data is shared outside the country.

Also on
Huawei Technologies Chief Financial Officer Meng Wanzhou exits court at the conclusion of a hearing in Vancouver, British Columbia, Canada, August 18, 2021 © REUTERS/Jennifer Gauthier
‘The people of China have spoken’: Beijing urges release of Huawei executive as 6 million petition Canada to drop extradition case

The new law states that there must be a clear and reasonable purpose for handling personal information and looks to limit the use of the data to the “minimum scope necessary” for actualizing the firm’s set objectives. 

Handlers of personal information, according to the law, will be required to designate an individual who is in charge of personal information protection. These handlers will also be subjected to periodic audits to ensure compliance. 

China will also implement its Data Security Law on September 1. It classifies data according to its economic value and its relevance to the country’s national security. 

The second draft of the Personal Information Protection Law was made publicly available in April, broadly resembling the European GDPR framework on personal data protection and management. 

China has taken action against a number of firms allegedly violating user privacy. On Wednesday, the Ministry of Industry and Information Technology claimed that 43 apps had illegally transferred user data, and demanded that they make changes to their handling processes by August 24. 

In July, the country’s cyberspace regulator, Cyberspace Administration of China (CAC), announced a probe into Didi, a Chinese ride-hailing giant, for allegedly violating user privacy.

If you like this story, share it with a friend!


Post a Comment (0)
Previous Post Next Post