The number of internet users in China has rapidly increased to over 900 million individuals as of March 2020. As internet availability continues to rise in China and the country’s digital community grows in virtually all industries and populations, the People’s Republic of China is keying into the fact that foreign and domestic businesses seeking to capitalize on China’s market must adhere to rules regarding processing and transferring personal information across China’s borders.
On October 21, 2020, the National People’s Congress Standing Committee unveiled its draft Personal Information Protection Law (PIPL) to the public for view and comment. If enacted, PIPL will be China’s comprehensive law on the protection of personal data. The necessity of PIPL was cited in part by the National People’s Congress Standing Committee due to China’s explosive growth of information integration and the amount of personal data collected. The Committee asserted that protection of its citizen’s personal information was of utmost importance for economic development and that there needed to be clear requirements in order to strengthen personal information protection. Interestingly, PIPL provides numerous data protection principles similar to those we have seen enacted under the European Union’s General Data Protection Regulation and the California Consumer Privacy Act. Specifically, the draft PIPL appears to take on general principles of transparency, fairness, limitations of purpose for data processing, retention limitations, and accountability. Some of the more notable items within the draft PIPL include:
Continue Reading China’s Personal Information Protection Law (PIPL) – Data Privacy in the Land of Big Data