wordpress blog stats
Connect with us

Hi, what are you looking for?

How is China’s data protection law different from EU’s GPDR? #PrivacyNama2021

The key differences between the two laws came up in a discussion focused on privacy legislation trends among BRICS countries.

“The concept of privacy is different in China. The law’s focus is on protecting individuals as well as national security,” Alexa Lee, senior manager for global policy at ITI Council, said while referring to China’s Personal Information Protection Law (PIPL).

China in August passed the Personal Information Protection Law, putting in place one of the world’s strictest data privacy laws. It is modeled after Europe’s robust General Data Protection Regulation (GDPR), but there are many important aspects in which PIPL differs from GDPR and other privacy regulations from around the world. Lee highlighted these key differences while speaking at PrivacyNama 2021, a global conference on privacy regulations held by MediaNama on October 6 and 7.

Summary: China’s Draft Personal Information Protection Law

What makes China’s PIPL different from GDPR?

  • PIPL is a set of broad principles, not a detailed law: Unlike the GDPR, the PIPL does not provide a lot of details on how the law works. Rather it’s a set of broad principles and more details with regards to specification will follow, Lee said.
  • Law focuses on individuals as well as national security: While privacy laws around the world focus on protecting individuals, China’s PIPL also focuses on national security because of China’s unique political system, Lee said. “So that’s why we see like data localisation measures, cross border data flow restrictions, and continuous surveillance and law enforcement powers,” Lee added.
  • Blacklist provision: The PIPL contains a provision that allows the Chinese government to establish a blacklist of overseas data controllers and processors from processing Chinese personal data if the government deems that the company has violated China’s national security of public interests, Lee said. This provision is unprecedented because no other privacy law has it, Lee added.
  • Provisions related to cross-border transfers: “The biggest significant difference between GDPR and the Chinese law is the provisions related to national security and cross-border data transfers,” Lee remarked. For two types of entities: operators of Critical Information Infrastructure or entities that process personal information that reaches a threshold amount, they will have to pass a security assessment administered by the Cyberspace Administration of China (CAC). Furthermore, to send personal data abroad for judicial or law enforcement purposes, an application must be filed with the relevant competent department for approval. However, international treaties or agreements, signed by China, that have provisions for cross-border data flows outside China, will supersede data localisation clauses of the law. 
  • Extra-territorial jurisdiction: Like GDPR, but unlike some other privacy legislations, PIPL applies if personal data related to people resident in China is processed outside China; this could include providing products and services from abroad to Chinese residents or analysing their online behavior.
  • Retaliatory measures against other countries: If a country or a region adopts “discriminatory prohibitions, limitations or other similar measures” related to personal data protection against China, the Chinese government can retaliate. This basically means that if a country or a region (read: USA, EU) doesn’t grant China adequacy status and thus refuses to sign a data-sharing treaty with China, the Chinese government may retaliate in kind.
  • No independent data protection authority: While in the EU the GDPR is administered by independent DPAs of the respective regions, China currently does not have an independent DPA, Lee said. Currently, multiple departments like the Cyberspace Administration of China (CAC) and the Ministry of Public Security are regulators of this space.

MediaNama hosted PrivacyNama 2021 with support from Facebook, Flipkart, Internet Society, Mozilla, Mobile Premier League, Omidyar Network, Paytm, Star India, and Xiaomi. We are also thankful to our community partners, the CyberBRICS Project, the Centre for Internet and Society, and the Centre for Communication Governance (NLU Delhi).

Advertisement. Scroll to continue reading.
Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ