Re: [At-Large] China and Personal Data Protection
China has recently issued a regulation entitled “Several Provisions on Regulating Market Orders of Internet Information Services” (the “New Regulations”) that come into effect on March 15, 2012. The regulation explicitly imposes the data protection requirements on their Internet information service providers. The early report says it is consistent with data protection regimes in play elsewhere, including recent EU regulations; to expressly inform the method, content, and purpose for collecting and processing personal data in notice and consent communiques; stronger protection for the personal data they collect; collection limitations; use limitations; custody, remedy and breach notification obligations. The definition of user personal information in the regulations includes both (1) information that independently identifies a user and information that may be used to identify a user when combined with other information. Here's a very readable outline analysis of what was originally proposed. http://www.mallesons.com/publications/marketAlerts/2011/Chinaproposesnewinte... - Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
Thanks for sharing this. These New "Regulations" are at the ministerial administrative regulations, which are not "laws" binding in the judicial system (but can be of reference whenever necessary). Nonetheless, personal data protection has long been protected in the Chinese legal system, dating back the early "administrative regulations" from 1997. ISPs have always been obligated to protect their users' "privacy", which is a civil right protected under the Chinese Tort Liability Law. If an ISP illegally discloses and/or transfers its users' personal data, it should be subject to criminal liability under the Chinese criminal law. What is missing and badly needed is a "specific" law or regulation on personal data protection so as to converge the scattered legal provisions from different sources. The new regulations merely add another piece on the legal patchwork. Actually there are quite a few regulations that are going to be effective or being drafting ("Regulations on Administration of Internet Retails") have the same function. Anyway, as far as legal protection for personal data can be improved or enhanced in China, irrespective whether it is in a small step forward or merely restatement of existing law, it deserves welcomed. Hong -- Dr. Hong Xue Professor of Law Director of Institute for the Internet Policy & Law (IIPL) Beijing Normal University http://www.iipl.org.cn/ <http://iipl.org.cn/> 19 Xin Jie Kou Wai Street Beijing 100875 China On Fri, Feb 3, 2012 at 11:06 PM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
China has recently issued a regulation entitled “Several Provisions on Regulating Market Orders of Internet Information Services” (the “New Regulations”) that come into effect on March 15, 2012.
The regulation explicitly imposes the data protection requirements on their Internet information service providers.
The early report says it is consistent with data protection regimes in play elsewhere, including recent EU regulations; to expressly inform the method, content, and purpose for collecting and processing personal data in notice and consent communiques; stronger protection for the personal data they collect; collection limitations; use limitations; custody, remedy and breach notification obligations.
The definition of user personal information in the regulations includes both (1) information that independently identifies a user and information that may be used to identify a user when combined with other information. Here's a very readable outline analysis of what was originally proposed.
http://www.mallesons.com/publications/marketAlerts/2011/Chinaproposesnewinte...
- Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= _______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
Looks like Chinese legal framework is very close to ours, with thousand laws and regulation ( sometimes even conflicting one to another). At my first time in federal government we compiled all laws and regulations regarding export and import and approved a single large law including all aspects in use at the time, solving conflicts etc. Digital era I believe needs to make similar task here to clean up the scattered rules. The problem is the need of a lawyers in that Export/import area drop for more than 10 times. So digital lawyers may be lobbying to avoid such move. Kisses -----Mensagem original----- De: at-large-bounces@atlarge-lists.icann.org [mailto:at-large-bounces@atlarge-lists.icann.org] Em nome de Hong Xue Enviada em: sexta-feira, 3 de fevereiro de 2012 23:43 Para: At-Large Worldwide Assunto: Re: [At-Large] China and Personal Data Protection Thanks for sharing this. These New "Regulations" are at the ministerial administrative regulations, which are not "laws" binding in the judicial system (but can be of reference whenever necessary). Nonetheless, personal data protection has long been protected in the Chinese legal system, dating back the early "administrative regulations" from 1997. ISPs have always been obligated to protect their users' "privacy", which is a civil right protected under the Chinese Tort Liability Law. If an ISP illegally discloses and/or transfers its users' personal data, it should be subject to criminal liability under the Chinese criminal law. What is missing and badly needed is a "specific" law or regulation on personal data protection so as to converge the scattered legal provisions from different sources. The new regulations merely add another piece on the legal patchwork. Actually there are quite a few regulations that are going to be effective or being drafting ("Regulations on Administration of Internet Retails") have the same function. Anyway, as far as legal protection for personal data can be improved or enhanced in China, irrespective whether it is in a small step forward or merely restatement of existing law, it deserves welcomed. Hong -- Dr. Hong Xue Professor of Law Director of Institute for the Internet Policy & Law (IIPL) Beijing Normal University http://www.iipl.org.cn/ <http://iipl.org.cn/> 19 Xin Jie Kou Wai Street Beijing 100875 China On Fri, Feb 3, 2012 at 11:06 PM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
China has recently issued a regulation entitled "Several Provisions on Regulating Market Orders of Internet Information Services" (the "New Regulations") that come into effect on March 15, 2012.
The regulation explicitly imposes the data protection requirements on their Internet information service providers.
The early report says it is consistent with data protection regimes in play elsewhere, including recent EU regulations; to expressly inform the method, content, and purpose for collecting and processing personal data in notice and consent communiques; stronger protection for the personal data they collect; collection limitations; use limitations; custody, remedy and breach notification obligations.
The definition of user personal information in the regulations includes both (1) information that independently identifies a user and information that may be used to identify a user when combined with other information. Here's a very readable outline analysis of what was originally proposed.
http://www.mallesons.com/publications/marketAlerts/2011/Chinaproposesnewinte rnetregulation/Pages/default.aspx
- Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= _______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large At-Large Official Site: http://atlarge.icann.org
participants (3)
-
Carlton Samuels -
Hong Xue -
Vanda UOL