China’s principal internet regulator, the Cyberspace Administration of China (“CAC”), announced this week that China will move forward new legislation to combat the improper collection, use, and sale of personal information. The new legislation, announced during an interview of a senior CAC official by state-owned Xinhua News, is reportedly being drafted by CAC, the Ministry of Industry and Information Technology (“MIIT”), and the Ministry of Public Security (“MPS”).  A draft has not yet been released.

CAC, the country’s top cyberspace gatekeeper (and a dual-hatted Party/government organ), was established in 2011 by China’s State Council to streamline and strengthen internet regulation. Due to the lack of adequate enforcement resources, one of CAC’s key responsibilities is to coordinate with different ministries on internet-related matters and supervise and provide guidance to other ministries, including MIIT.  Among other things, internet data breaches fall under CAC’s broad jurisdiction.

China does not have a comprehensive personal information protection law, and more than a dozen patchwork and industry-specific sets of rules have been promulgated in recent years.  A more comprehensive draft Personal Information Protection Law, drafted by scholars in 2006 and submitted to the State Council in 2008, has not moved forward.  In the last two years, several delegates to the National People’s Congress have called for a comprehensive law to unify the country’s disparate personal information protection rules.  While the fate of such a comprehensive law is unclear, there are increasing signs that the Chinese government will enact additional legislation and regulations in the not-too-distant future regarding how businesses collect, use, protect, and transfer personal information.

Material for this post was supplied by Sheng Huang of Covington & Burling LLP.

Print:
EmailTweetLikeLinkedIn
Photo of Ashwin Kaja Ashwin Kaja

Ashwin Kaja is special counsel in the firm’s Beijing office and is a member of the firm’s International Trade, Public Policy, Data Privacy & Cybersecurity, and Anti-Corruption practice groups. He has advised multinational companies, governments, and other clients on a range of matters…

Ashwin Kaja is special counsel in the firm’s Beijing office and is a member of the firm’s International Trade, Public Policy, Data Privacy & Cybersecurity, and Anti-Corruption practice groups. He has advised multinational companies, governments, and other clients on a range of matters related to international trade, public policy and government affairs, data privacy, foreign investment, anti-corruption compliance and investigations, corporate law, real estate, and the globalization of higher education. He also serves as the China and India editor for Covington’s GlobalPolicyWatch.com. Mr. Kaja is also a certified information privacy professional (CIPP/US). Prior to joining the firm, Mr. Kaja was an associate at another major international law firm in Beijing.