On December 29, 2017, the Standardization Administration of China, jointly with the PRC General Administration of Quality Supervision, Inspection and Quarantine, issued the Information Security Technology – Personal Information Security Specification, which officially came into effect on May 1, 2018. The Specification has, in very practical terms, become an important point of reference in evaluating the complex overlay of data protection compliance requirements found in the Cyber Security Law, the Law on the Protection of Consumer Rights and Interests, the e-Commerce Law and other enactments and measures.
Roy Zou
Busting the Myth: Compliance with the ‘Gold Standard’ of the GDPR Does Not Buy You a ‘Free Pass’ Under China’s New Personal Information Guidelines
China’s Revised Draft Data Localisation Measures
On 19 May 2017, the Cyberspace Administration of China released a revised draft of its Security Assessment for Personal Information and Important Data Transmitted Outside of the People’s Republic of China Measures. The draft emerged just over a week after public comments closed on the first draft of the measures. the Second Draft Export Review Measures do, to an extent, relax some of the more stringent requirements stated in the First Draft Export Review Measures and originally due to become law on 1 June, 2017 when China’s Cyber Security Law takes effect. However, the revised draft measures as set out in the Second Draft Export Review Measures still leave a significant compliance challenge for multi-national businesses operating in China . We explore the Second Draft Export Review Measures below.
Making Sense of China’s New Privacy Laws and Draft Internet Privacy Regulations
Although China does not have an omnibus privacy statute or framework, the Chinese government recently has released a number of new privacy guidelines and regulations. This blog posts discusses a number of those guidelines and regulations, including two draft rules: Provisions on the Protection of the Personal Information of Telecommunications, and Internet Users and the Provisions on Registration of the True Identity Information of Phone Users (“Provisions on Phone Users”).
Chinese Government Deliberates Consumer Rights Amid E-Commerce Boom
On April 28, the Standing Committee of the National People’s Congress, China’s top legislature, issued draft amendments to the 1993 Law of Consumer Rights and Interests highlighting China’s new initiative to address longstanding issues related to e-commerce fraud and illegal disclosures of consumer information. The draft amendments, which were open for public comment until May 31, 2013, aim to reform China’s 20-year-old consumer protection law, with almost half of the clauses in the current law being amended to cover e-commerce.
China: The Strengthening of Online Private Information Protection
With a population reaching billions, it is not a surprise that the number of internet users in China is drastically increasing. Such influx of Chinese “netizens” brings with it the importance for protection of online private information. As a result, in the last days of the 2012 calendar year, the Standing Committee of the National […]