Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Roy Zou

Posts by Roy Zou
Posted in International/EU Privacy

Busting the Myth: Compliance with the ‘Gold Standard’ of the GDPR Does Not Buy You a ‘Free Pass’ Under China’s New Personal Information Guidelines

On December 29, 2017, the Standardization Administration of China, jointly with the PRC General Administration of Quality Supervision, Inspection and Quarantine, issued the Information Security Technology – Personal Information Security Specification, which officially came into effect on May 1, 2018. The Specification has, in very practical terms, become an important point of reference in evaluating the complex overlay of data protection compliance requirements found in the Cyber Security Law, the Law on the Protection of Consumer Rights and Interests, the e-Commerce Law and other enactments and measures.

Posted in International/EU Privacy

China’s Revised Draft Data Localisation Measures

On 19 May 2017, the Cyberspace Administration of China released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures. The draft emerged just over a week after public comments closed on the first draft of the measures. the Second Draft Export Review Measures do, to an extent, relax some of the more stringent requirements stated in the First Draft Export Review Measures and originally due to become law on 1 June, 2017 when China’s Cyber Security Law takes effect. However, the revised draft measures as set out in the Second Draft Export Review Measures still leave a significant compliance challenge for multi-national businesses operating in China . We explore the Second Draft Export Review Measures below.

Posted in Consumer Privacy, International/EU Privacy

Making Sense of China’s New Privacy Laws and Draft Internet Privacy Regulations

Although China does not have an omnibus privacy statute or framework, the Chinese government recently has released a number of new privacy guidelines and regulations. This blog posts discusses a number of those guidelines and regulations, including two draft rules: Provisions on the Protection of the Personal Information of Telecommunications, and Internet Users and the Provisions on Registration of the True Identity Information of Phone Users (“Provisions on Phone Users”).

Posted in Consumer Privacy, International/EU Privacy

Chinese Government Deliberates Consumer Rights Amid E-Commerce Boom

On April 28, the Standing Committee of the National People’s Congress, China’s top legislature, issued draft amendments to the 1993 Law of Consumer Rights and Interests highlighting China’s new initiative to address longstanding issues related to e-commerce fraud and illegal disclosures of consumer information. The draft amendments, which were open for public comment until May 31, 2013, aim to reform China’s 20-year-old consumer protection law, with almost half of the clauses in the current law being amended to cover e-commerce.

Posted in Consumer Privacy, Cybersecurity & Data Breaches, International/EU Privacy

China: The Strengthening of Online Private Information Protection

With a population reaching billions, it is not a surprise that the number of internet users in China is drastically increasing.  Such influx of Chinese “netizens” brings with it the importance for protection of online private information.  As a result, in the last days of the 2012 calendar year, the Standing Committee of the National […]