Updated: August 20, 2021 04:58 AM GMT
People use their mobile phones as they walk out of a subway station in Beijing, China. (Photo: AFP)
China has passed a sweeping privacy law aimed at preventing businesses from collecting sensitive personal data as the country faces an uptick in internet scams, leaks and concerns about tech giants abusing clients' personal information.
Under the new rules passed by China's top legislative body on Aug. 20, state-run and private companies handling personal information will be required to reduce data collection and obtain user consent.
The Chinese state security apparatus will maintain access to swathes of personal data, however, and Beijing has long been accused of harnessing big tech to accelerate repression in Xinjiang province and elsewhere.
The new rules are also expected to further rattle China's tech sector, with companies like ride-hailing giant Didi and gaming behemoth Tencent in regulators' crosshairs in recent months over misuse of personal data.
The law aims to protect those who "feel strongly about personal data being used for user profiling and by recommendation algorithms or the use of big data in setting [unfair] prices," a spokesman for the National People's Congress told state news agency Xinhua this week.
It will prevent companies from setting different prices for the same service based on clients' shopping history, a common practice among Chinese online businesses.
It poses a very interesting geopolitical conundrum, which is the US does not have a national privacy law
The law is modeled on one of the world's strictest online privacy protection laws — the European Union's General Data Protection Regulation.
"China's new privacy regime is one of the toughest in the world," said Kendra Schaefer, a partner at Beijing-based consulting firm Trivium China. "China is not really looking at the short term with this law."
Instead, she said, it aims "to establish the foundations for the digital economy over the next 40 or 50 years."
The law also stipulates that the personal data of Chinese nationals cannot be transferred to countries with lower standards of data security than China — rules which may present problems for foreign businesses.
"The thing we're all on tenterhooks over is the issue of data transfer," Schaefer said. "It poses a very interesting geopolitical conundrum, which is the US does not have a national privacy law."
Companies that fail to comply can face fines of up to 50 million yuan (US$7.6 million) or 5 percent of a company's annual turnover.
Serious violators run the risk of losing their business licenses and being forced to shut down.
….as we enter the last months of 2021, we are asking readers like you to help us keep UCA News free.
For the last 40 years, UCA News has remained the most trusted and independent Catholic news and information service from Asia. Every week, we publish nearly 100 news reports, feature stories, commentaries, podcasts and video broadcasts that are exclusive and in-depth, and developed from a view of the world and the Church through informed Catholic eyes.
Our journalistic standards are as high as any in the quality press; our focus is particularly on a fast-growing part of the world - Asia - where, in some countries the Church is growing faster than pastoral resources can respond to – South Korea, Vietnam and India to name just three.
And UCA News has the advantage of having in its ranks local reporters who cover 23 countries in south, southeast, and east Asia. We report the stories of local people and their experiences in a way that Western news outlets simply don’t have the resources to reach. And we report on the emerging life of new Churches in old lands where being a Catholic can at times be very dangerous.
With dwindling support from funding partners in Europe and the USA, we need to call on the support of those who benefit from our work.