On April 10, 2013, China’s internet regulator, the Ministry of Industry and Information Technology (“MIIT”), issued a draft regulation for public comment entitled Provisions on Protecting the Personal Information of Telecommunication and Internet Users (“Draft Provisions”). The Draft Provisions would impose additional requirements when telecommunication service providers (“TSPs”) and internet information service providers (“IISPs”) collect and use personal information (“PI”), and would direct these entities to implement a number of compliance measures to protect against disclosure, damage, or loss of PI. The Draft Provisions would also provide MIIT with significant authority to enter premises and request documents for purpose of assessing the PI protection efforts of any TSP or IISP.
The Draft Provisions are intended to implement the general requirements set forth in the Decision of the Standing Committee of the National People’s Congress on Strengthening Online Information Protection (“Online Information Decision”), which was promulgated in December 2012. (See our client alert here.) The term “IISPs” includes all companies utilizing a PRC-based website (i.e., a website registered with, or licensed by, MIIT) to collect PI from their customers or site visitors.Continue Reading China Releases Draft Regulation for Online Collection and Use of Personal Information