porno Chinese Law | China: China Enacts New Data Privacy Legislation
China -  Chinese law firm
 China Lehmanlaw - Chinese Law Firm

China Enacts New Data Privacy Legislation

In order to strength the protection of  an individualís personal online information , China government promulgated a new law entitled the Decision of Standing Committee of the National Peopleís Congress on Strengthening Online Information Protection(ďDecisionĒ) on December 28, 2012, which becomes effective as of the promulgation date.

Q: What is the purpose of the Decision and what kind information will be protected under this Decision?

A: The Decision was drafted with the purpose of strengthening the protection of an individualís personal electronic information. In practice, many companies operating website misused or leaked an individualís personal electronic information to third party with the purpose of making money. Also, some users registered on blog, micro-blogs or online forum under the assumed names, which would disseminate untrue information and therefore infringe other partyís right or even hurt the state security. Then PRC government promulgated this Decision trying to protect the security of an individualís personal electronic information.

Q: What is the definition of personal electronic information?

A: According to Article 1 of the Decision, an individualís personal electronic information should refer to information by which the individual identity of citizens can be distinguished as well as that which involves a citizenís privacy.

Q: Who should bear the obligations regarding use or collection of a citizenís personal electronic information?

A: under the Decision, any individual or entity should not steal or collect, through illegal means, a citizenís personal electronic information, and should not sell or unlawfully provide a citizenís personal electronic information to the other party. The Decision also set forth the specific requirements for network service provider and other enterprises or public institutions on use and collection of a citizenís personal electronic information (please see below).

Q: What are the specific requirements for network service provider or other enterprises or public institutions using or collecting a citizenís personal electronic information?

A: In particularly, the network service provider and other enterprises or public institutions should, when collecting or using a citizenís personal electronic information, adhere to the principles of lawfulness, proper purpose and necessity, and clearly indicate the purpose, method, and scope of their use and collection of an individualís personal electronic information, and should not collect or use this information without the individualís consent or in breach of agreed purpose, method or scope or in violation of laws or regulations.

Also, the network service provider and other enterprises or public institutions should, when using or collecting a citizenís personal electronic information, have this citizen being aware of the rules of using and collecting such information.

Q: What are the confidentiality obligations of personal electronic information for network service provider or other enterprises or public institutions?

A: Network service providers, other enterprises or public institutions and their employees should keep a citizenís personal electronic information confidential, and should not disclose, distort, damage, sell or illegally provide such information to any third party.

Also, the network service providers and other enterprises or public institutions must take necessary steps to maintain the confidentiality of information, ensure information security and prevent such information from being disclosed, damaged or lost.

Q: Is a user required to do real name registration when he/she register on the website of a network service provider?

A: Yes. A user must supply real identity information when he/she register on the website of a network service provider which provides either internet publication services or website access services.

Q: Is the commercial electronic information allowed to send to an email recipient or a user?

A: the Decision stipulates that any organization or individual is not permitted to send so called commercial electronic information (such as spam or other commercial solicitation information) to a recipientís email box, land-line telephone, or cell phone without his/her consent or request, or following a userís clear refusal.

Q: What is the punishment for breach of the Decision?

A: According to the Decision, a person who is in violation of the Decision would bear civil, administrative or criminal liability, including without limitation warnings, fines, confiscation of illegal income, cancellation of operating permits, website closure, or the prohibition of involved individuals from engaging in other network services business.

RSS Feeds