A new data protection law has been passed in China. This is intended first and foremost to strengthen the rights of individual citizens. But apart from that, the government of the People’s Republic also seems to have quite different intentions. The Middle Kingdom is killing two birds with one stone by showing large national Internet companies their limits and at the same time creating more trust among the population.
PIPL applies since November 1
November 1, 2021, is a historic day for Chinese data privacy advocates. After all, it was on this day that the Personal Information Protection Law (PIPL) was launched. This can be most closely compared to Europe’s General Data Protection Regulation (GDPR). Chinese citizens will finally be able to freely decide on the processing and storage of their personal data. The purpose of the landmark law is made clear in Article 2:
“The personal data of natural persons shall be protected by law; no organization or individual shall infringe upon the rights and interests of natural persons with respect to personal data.”
Regulations beyond data protection
The purpose of the PIPL is to provide standardization of data protection principles in the gigantic country. However, the regulations of the law also go beyond the protection of personal information. For example, the individual articles also contain regulations on the use of algorithms. In particular, there is room in the PIPL for the resulting discrimination in price calculations. If you take a look at the extensive catalog, it is really astonishing what a U-turn China is making here. After all, this is a 180-degree turn by the government, so to speak. Data protection simply did not exist in China until now.
GDPR as a model
China originally wanted to model its data protection law on the USA. However, it very quickly became apparent that US data protection is extremely complicated. Each state has its own regulations, which can cause a lot of confusion. It is therefore hardly surprising that the country quickly abandoned its original goal. However, a change of direction was clearly not difficult for the government in the Far East. Thus, they decided to rather take the GDPR as a model. A look inside the PIPL quickly reveals that some entire passages are identical to the EU’s comprehensive data protection law. The similar conception results in great advantages for European companies. Since they had to adapt their own data protection standards anyway in view of the GDPR, they are well prepared for the new regulations in China. Especially compared to US companies, this is a decisive advantage.
Finally strengthened user rights
The fact that a comprehensive data protection law would have to be brought into being in China has been clear for many years. Since digitalization plays a much greater role in the world’s most populous country than in our climes, people would also have to be better protected. The risks in the digital space are too great. On top of that, the Chinese government obviously wants to ensure that the unstoppable growth of powerful digital companies is stopped. In the view of the Chinese government, these companies are causing an increasing imbalance within society. With the help of the new law, the rights of the individual will finally be strengthened. But beyond that, the policy in the Middle Kingdom ensures that the population regains more trust in public officials. In view of the state leadership’s questionable surveillance methods against China’s residents, such a sign is probably urgently needed.