China’s national congress has passed a new law created to further regulate the country’s cyberspace and protect online user data amid concerns of mismanagement and misuse that violated people’s privacy.
On Friday, China's National People’s Congress gave the green light to the Personal Information Protection Law designed to safeguard online users, according to state media outlet Xinhua. It will be formally implemented on November 1 and looks to clamp down on the supposed widespread mismanagement and misuse of personal data.
Chinese firms will be told they need to ensure better storage of user data and that they must also obtain an individual's consent before harvesting identifiable information. Companies will also need to adhere to new protocols for ensuring data protection when data is shared outside the country.
Also on rt.com ‘The people of China have spoken’: Beijing urges release of Huawei executive as 6 million petition Canada to drop extradition caseThe new law states that there must be a clear and reasonable purpose for handling personal information and looks to limit the use of the data to the “minimum scope necessary” for actualizing the firm’s set objectives.
Handlers of personal information, according to the law, will be required to designate an individual who is in charge of personal information protection. These handlers will also be subjected to periodic audits to ensure compliance.
China will also implement its Data Security Law on September 1. It classifies data according to its economic value and its relevance to the country’s national security.
The second draft of the Personal Information Protection Law was made publicly available in April, broadly resembling the European GDPR framework on personal data protection and management.
China has taken action against a number of firms allegedly violating user privacy. On Wednesday, the Ministry of Industry and Information Technology claimed that 43 apps had illegally transferred user data, and demanded that they make changes to their handling processes by August 24.
In July, the country’s cyberspace regulator, Cyberspace Administration of China (CAC), announced a probe into Didi, a Chinese ride-hailing giant, for allegedly violating user privacy.
If you like this story, share it with a friend!