Skip to content

China Passes Data Privacy Law, Toughens Regulation On Tech Companies

The new law was approved by China's Standing Committee of the National People's Congress.

WASHINGTON — China has toughened its regulation on its tech companies by approving new rules about collecting and using personal data.

The Personal Information Protection Law — which was approved on Aug. 20 by China’s Standing Committee of the National People’s Congress and will take effect Nov. 1 — prohibits “illegally collecting, using, processing, transmitting, disclosing and trading people’s personal information.”

The full text of the law is not yet public; among other things, it “clarifies” rules governing the “processing” and “provision” of personal information across borders.

“Protecting personal information is essential. Domestically, during the process of opening up government information, it was crucial to effectively protect personal information and curb the infringement of personal rights,” said Zhou Hanhua, Vice President of the Institute of Law at the Chinese Academy of Social Sciences.

“Internationally, the Data Protection Directive enacted by the European Union in 1995 had been influential, adding to the importance of bringing personal information protection law to China’s legislative agenda.”

News of the law comes as some Chinese tech firms, including ride-hailing company Didi, have been accused of mishandling user data in recent months.

Shortly after Didi went public in the United States, Chinese regulators accused it of “illegally collecting and using personal information.”

China has been cracking down on its tech giants.

Chinese President Xi Jinping recently delivered a big blow to Wall Street investors when he crushed Didi after US investors pumped billions of dollars into it.

The Chinese companies ordered the removal of the Didi app from the app store, citing data privacy concerns, and its stock dipped 30 percent of its original value just sometimes after many US investors landed billions into it.

And this situation is getting worse; huge Chinese tech giants like Alibaba and Tencent are paying fines against various allegations.

The Chinese government is still de-stalling many companies that have raised money from the US market. It has become an admitted fact that all Chinese profit-making firms are under the direct control of the Chinese Communist Party.

The law will create stronger regulation of China’s public surveillance system, requiring the disclosure and labeling of hardware used in identifying people in public places. Collected data can only be used for maintaining public safety.

China operates a vast network of cameras, backed by advanced facial recognition and AI-driven technology, to control crime and check identities in subways, schools, and office buildings.

The law also stipulates that companies cannot use personal data to target individuals for marketing. And firms must provide easy ways for users to opt-out of targeted marketing.

“Sensitive personal information — such as biometrics, health care, and financial accounts — should only be processed with the individual’s consent,” said sources.

“Should a company illegally handle personal information, their services could be suspended or terminated, according to the law. Those who refuse to make corrections will be handed a fine of up to 1 million yuan ($153,000).”

The news rocked Chinese tech stocks on Aug. 20, adding to what has already been another disastrous week. (JD), Xiaomi, and Alibaba (BABA) fell 2 percent or more in Hong Kong.

Health information affiliates of JD, Alibaba, and Ping An Insurance were among the worst performers, all plunging 13 percent or more.

(With inputs from ANI)

Edited by Saptak Datta and Praveen Pramod Tewari

Recommended from our partners