Shanghai: China National People’s Congress on Friday officially issued laws designed to protect the privacy of online user data and will implement policies from November 1, according to State-Media Outlet Xinhua.
The legal section complements other pillars in the State’s efforts to regulate the Cyberspace and are expected to increase compliance requirements for companies in this country.
China has instructed the technology giant to ensure safer user data storage, amid public complaints about mismanagement and abuse that has resulted in the violation of user privacy.
The law states that the handling of personal information must have a clear and reasonable goal and will be limited to “the minimum scope needed to achieve the objectives of the handling data”.
It also shows conditions that can collect personal data, including obtaining individual approval, and put guidelines to ensure data protection when data is transferred abroad.
Law also calls for handling personal information to appoint individuals responsible for the protection of personal information, and call for handlers to conduct periodic audits to ensure compliance with the law.
The second draft of the personal information protection law was released in public at the end of April.
Personal Information Protection Act, along with data security laws, marks the two main regulations set to regulate the Internet China in the future.
Data security laws, to be implemented on September 1, establishes a framework for companies to classify data based on its economic value and relevance to Chinese national security.
Law of personal information protection, meanwhile, given the European GDPR in establishing a framework to ensure user privacy.
Both laws will demand companies in China to check data storage and processing their processing to ensure they are obedient, according to experts.
The law arrived amid a broader tightening of rules in the industry of Chinese regulators, which have ravaged large and small companies.
In July, the Chinese Cyberspace administration (CAC), the top Cyberspace regulator, announced it would launch a probe to the Chinese Round Giant Didi Global Inc.
because it was allegedly violating the privacy of users.
On Tuesday, China’s State Administration for Market Regulations (SAMR) passed a set of rules aimed at increasing fair competition, prohibiting practices such as fake online reviews.
In January, the Chinese consumer association supported by the government issued a statement that criticized technology companies for consumers “intimidation” to make purchases and promotions.
Since then, regulators have routinely rebuke companies and applications to violate user privacy.
On Wednesday, Chinese Minister of Industry and Information Technology accused 43 applications to transfer user data illegally and asked them to create partners before August 24.
China passes the privacy law of new personal data, to take effect on November 1
