CHINA / SOCIETY
Personal information protection law under third reading, to prevent big data abuse, excessive data collection
Published: Aug 17, 2021 08:58 PM
Photo taken on May 25, 2017 shows a demonstration center of Guizhou big data pilot zone in Guiyang, southwest China's Guizhou Province. Photo: Xinhua

Photo taken on May 25, 2017 shows a demonstration center of Guizhou big data pilot zone in Guiyang, southwest China's Guizhou Province. Photo: Xinhua



Chinese lawmakers have come one step closer to rolling out the country's first law on personal information protection, in bid to introduce legal regulations on issues including mobile apps' excessive collection and abuse of users' information, as the Standing Committee of the 13th National People's Congress (NPC), China's top legislature, started its 30th session on Tuesday.

A third reading will be given to the draft bill before it goes to the voting stage. 

As a notable agenda item of the session, which will run until Friday, the draft law includes revisions to the second reading version. It further improves the rules for handing personal information, especially on issues that have drawn many complaints, such as apps' excessive collection of personal information and abuse of big data to infringe on regular consumers' rights, according to Zang Tiewei, a spokesperson for the Legislative Affairs Commission of the NPC Standing Committee, who held a press conference last week.

"All aspects of society are highly concerned about the application of new technologies such as users' portraits and algorithm recommendations, and have wide complaints on issues like information harassment and abuse of big data to infringe on regular consumers' rights in related products and services… The draft law is meant to protect the legitimate rights of the public in cyberspace and provide specific regulation of automatic decision-making over personal information," the spokesperson told the media. 

The revised draft law stipulates that personal information of those under 14 years old shall be classified as sensitive personal information, while demanding that processers must make special rules when handling such data, according to the NPC official website. 

Shenzhen in South China's Guangdong Province, one of the major innovation hubs in China and home to IT giants such as Huawei and Tencent, adopted a data regulation, vowing to slap heavy fines on platforms using big data to treat clients with same transactions differently. Starting January 1, Shenzhen would impose a fine of up to 50 million yuan ($7.7 million) to violators.

Chinese consumers called online for such a regulation for the whole nation, as many complained they had encountered situations where they were given an even higher price for the same merchandise or services than new customers for travel bookings or food delivery, after paying monthly fees for VIP or memberships. 

The law on personal information is expected to provide a clear-cut definition on scenarios such as big data abuse or "price prejudice," Zhu Wei, a communications researcher at the China University of Political Science and Law in Beijing, told the Global Times on Tuesday.

How the new law coordinates with the existed rules - including the Shenzhen local one, and the national Civil Code as well as the Cybersecurity Law - on personal information, needs further observation, Zhu noted.

The revised draft law also stipulates protection of personal information to be transferred abroad in accordance with international treaties and agreements that China is party to, should not be less than the relevant domestic standards, read the website.




blog comments powered by Disqus