Menu Close

What is China’s new data privacy law about?

NEW DELHI: In a bid to tighten control over how companies — particularly tech giants — collect and handle their users’ information, China passed the Personal Information Protection Law (PIPL).

The law, which takes effect November 1, follows complaints that companies misused or sold customers’ data without their knowledge or permission, leading to fraud or unfair practices such as charging higher prices to some users.

Law and behold

* While the exact contours of the new law are as yet unknown, since the final draft has not been published, a previous version specified that companies will need consent from their users to collect personal data, with the user having the right to cancel that consent at any time.

* Additionally, companies can not refuse to provide their services to such users who deny consent for collection of personal data — unless that data is required for providing that product or service.

* The law also lays out guidelines for data protection when it is transferred out of the country and makes it mandatory for companies to not only designate an individual in charge of personal information but also conduct periodic audits that the law is being complied with.

* Failure to meet any of the provisions will result in hefty fines.

Twin tango

* The PIPL, which takes off from Europe’s General Data Protection Regulation (GDPR) that came into effect in 2018, together with the Data Security Law (DSL) which will be implemented from September 1, is expected to force companies to re-evaluate their data storage and processing practices. DSL tasks companies with segregating data based on its economic value and relevance to China’s national security.

* The laws arrive amidst tightening control by Chinese regulators over its industry and how it uses users’ data, prompted by public complaints about user privacy violations.

* Last month for instance, the country’s cyberspace regulator, Cyberspace Administration of China (CAC), announced that it will open a probe in the country’s ride-hailing app, Didi, which has been accused of violating users’ privacy. The company was forced to stop signing new users and its app removed from Chinese app stores.

Article: What is China’s new data privacy law all about?

Leave a Reply

Your email address will not be published. Required fields are marked *

(UN General Assembly, 1948) The Universal Declaration of Human Rights: 1. All human beings are free and equal 2. No discrimination 3. Right to life 4. No slavery 5. No torture and inhuman treatment 6. Same right to use law 7. Equal before the law 8. Right to be treated fair by court 9. No unfair detainment 10. Right to trial 11. Innocent until proved guilty 12. Right to privacy 13. Freedom to movement and residence 14. Right to asylum 15. Right to nationality 16. Rights to marry and have family 17. Right to own things 18. Freedom of thought and religion 19. Freedom of opinion and expression 20. Right to assemble 21. Right to democracy 22. Right to social security 23. Right to work 24. Right to rest and holiday 25. Right of social service 26. Right to education 27. Right of cultural and art 28. Freedom around the world 29. Subject to law 30. Human rights can’t be taken away