China Introduces Guidelines for Data Privacy Protection

Talk to Us

Shan Nair
+1 408.515.6887
info@nair-co.com
Manoj George
+1 650.678.2991
info@nair-co.com
Gary Pavlik
+1 978.821.3270
Gary.pavlik@nair-co.com
Barbara Ingetti
+1 239.948.9820
Barbara.Ingetti@nair-co.com
Venkat Eswaran
+91 998.754.9428
Venkatesh.Eswaran@nair-co.com
Giuseppina Sammartino
+44 (0) 117 929 9661
Giuseppina.Sammartino@nair-co.com

China Introduces Guidelines for Data Privacy Protection

China recently issued a draft detailing Information Security Technology Guidelines for Personal Information Protection, the latest in a series of efforts to address rising data privacy concerns amongst locals and corporations in the country.

A non-binding "Guiding Technical Document", the draft was issued by Administration of Quality Supervision, Inspection and Quarantine ("AQSIQ") and the Standardization Administration of China ("SAC").

Highlights include:

Defining what constitutes personal information. As per the draft, personal information includes information that can be collected and processed, relating to individuals; and can lead to the disclosure of the identity of the individual either by itself or in combination with other information;
Establishes an overarching principle that the holders of personal information keep such information confidential;
Includes specific requirements that express consent be obtained for third-party disclosures, usage, etc. of personal information;
Defines a set of specific principles to be observed during the collection, processing, use, transfer, and maintenance of personal information;
Application of such principles specifically to personal data on computer networks (as opposed to other data storage media in hard-copy form);
Restrictions on outsourcing the handling of personal information; and
Prohibition on the export of personal information unless expressly permitted by law or otherwise approved by government authorities.

China’s move towards addressing Data Privacy concerns could affect players in the country’s fast-growing internet marketplace. The Draft further prohibits export of regulated data unless allowed by law and this could affect multinationals wanting to transfer data, particularly employee data, outside China. Foreign data collectors and consumer intelligence companies may also need to form a subsidiary in China for data processing. The draft guidelines if passed are like to increase the cost of compliance and risk management.

Please call/email for more details

Disclaimer :

Published: Jan 1, 2011. The information provided on this page is intended merely to highlight issues for general information purposes only. It is not comprehensive nor does it provide legal advice. Any information is subject to change without notice. No liability whatsoever is accepted by Nair & Co.

About Us Nair & Co. Difference Our Team Global Offices Contact Us	Start Up Activity Accounting Human Resources Payroll Legal	Tax & Compliance Risk Assessment India Incubater Closing Down Operations Global Mobility Service	News Industry Alerts Webinars/Video Press Room Nair & Co in News	Success Stories Testimonial InterCompany Agreement Templates BPO Shared Services Blogs	Careers Press Contact FAQs Site Map Privacy Policy

© Nair&Co.,2011. All right reserved.