In its effort to regulate cyberspace, China has passed a new personal data privacy law to protect online user privacy. This legislation will come into effect from November 1, 2021, Reuters reported.
With this law, China is expected to add more compliance requirements for companies in the country. It has instructed its tech giants to ensure better & more secure storage of user data. Further, the government said, public complaints are growing regarding mismanagement and misuse. This has resulted in user privacy violations. China’s state administration for Market regulation has also published a set of draft rules aimed at improving fair competition.
The Personal Information Protection Law, along with the Data Security law, is now set to regulate the conduct of Chinese tech firms.
Data Security Law’s mandate
The law mandates that the handling of personal information must have a clear & responsible purpose. Additionally, there will be minimum scope necessary to achieve the goals of handling data.
Further, it lays down the lawful basis for which companies can collect personal data. It lays down individual consent as well other guidelines to ensure data protection when data a firms transfers data outside the country. The law also calls for companies that possess personal data to designate an individual in charge of personal information protection. They have to conduct periodic audits to ensure compliance with the law as well.
China is tightening its grip on almost every industry in the country. This has rattled a lot of companies. In light of this, many companies have taken pre-emptive steps to dodge regulatory wrath.
China has blown up what would have been the world’s largest initial public offering. It began investigations into some of its greatest technological businesses and wiped away more than $1 trillion in market value. The country is also in the process of drafting a new cybersecurity industry plan. Recently, China reprimanded 43 apps for breaking data transfer rules.