As China’s central regulators finalize several national laws with data privacy components, provincial and municipal authorities are filling in the current legislative gap by passing local regulations governing the collection of personal information.
Currently at the national level, sector-specific laws target various aspects of personal information collection but no single comprehensive law exists to govern data privacy. Although efforts from the central government are expected to pick up in 2012, as we previously reported, pertinent national legislation remains in draft form. As these laws creep through China’s legislative process, the Chinese public is growing increasingly concerned about the security of their personal information following several high-profile scandals involving online disclosure.
In the absence of national legislation, China’s local governments have stepped in to fill the void. The municipal government of Shenzhen, a city of ten million across the border from Hong Kong, commissioned the Shenzhen Lawyers Association in late 2010 to research and draft the “Shenzhen City Regulation on Personal Information Protection.” While exact details of the regulation have yet to be released to the public, the Shenzhen Municipal People’s Congress Standing Committee is currently deliberating the first research draft report with approval expected to follow in early 2012.