Saturday, April 27, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Privacy, what will change in China for Didi, Tencent and more

3 years ago babelfish

Privacy, what will change in China for Didi, Tencent and more

China has passed a law to protect online privacy. The details are few, but a new squeeze on tech companies is shaping up

In China, the National People's Assembly, i.e. the national legislative chamber, today officially approved a law to protect the privacy of online users. It will come into effect on November 1st.

WHAT CHINA DOES ABOUT DIGITAL REGULATION

As Reuters notes, the passing of the law – called the Personal Information Protection Act  – adds another piece to the Chinese government's efforts to regulate cyberspace and should establish additional compliance requirements for companies operating in the country.

Beijing authorities have already ordered large national technology companies to ensure higher security standards regarding the retention of user data, following public complaints about their mishandling and improper handling, which led to privacy violations.

WHAT THE LAW PROVIDES

The law establishes that the processing of personal information must have clear and reasonable purposes and must be limited to the "minimum scope necessary to achieve the purposes" of their use. And it sets out the conditions that companies must comply with to collect personal data (obtaining consent, for example), as well as the guidelines to follow to ensure the protection of data transferred outside China.

The details are unknown, but – Bloomberg writes – violations of the rules foreseen by the law could cost companies fines of up to 50 million yuan (7.7 million dollars).

THE DATA SECURITY LAW

The Law for the protection of personal information – the second draft of which was made public last April – shares the objective of the European regulation on data protection, the GDPR: to establish a reference regulatory framework for the protection of privacy.

The other major Internet regulation law recently developed by China is the Data Security Act. It will enter into force on September 1 and establishes a set of obligations for companies related to the classification of the data they hold on the basis of economic value and relevance to China's national security.

CHINA'S CLOSE ON TECHNOLOGICAL COMPANIES

The laws on the protection of personal information and data security come at a time of "tightening" by the Chinese regulators on domestic technology companies, especially the largest ones such as Alibaba, Tencent and Didi Global.

For example, last month the CAC, the main cyberspace regulator, announced an investigation into Didi Global (China's private chauffeured transport service, similar to Uber) for alleged violations of user privacy. Last week a civil lawsuit was opened against Tencent (the tech giant that developed WeChat) for violations of laws protecting minors. The market regulator, SAMR, passed a set of fair competition rules on Monday, which among other things prohibit fake reviews online. On Wednesday, the Ministry of Industry and Information Technology accused 43 Chinese applications of illegal transfer of user data. In January, the Beijing-backed Consumers' Association criticized tech companies for "bullying" consumers into buying.

THE GOAL OF THE GOVERNMENT

The Chinese government's goal is to harness those companies that could become stronger than the Communist Party and bring a sector (the data economy) that can cause social instability back under state control. On the other hand, Beijing is also called upon to respond to citizens' privacy concerns, given the widespread use by technology companies of facial recognition tools or similar.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/cina-privacy-legge-dati-personali/ on Fri, 20 Aug 2021 13:12:40 +0000.