FB pixel

China creates privacy codes with biometric data protections, but is it just for show?

China creates privacy codes with biometric data protections, but is it just for show?
 

China’s first civil code — ever — is scheduled to go live January 1. It will pay particular attention to the digital privacy rights of citizens and the responsibilities of organizations using the data, including biometrics.

China’s new civil code governs civilian life and business, including property rights, contracts and family matters. In an analysis of the development, Samuel Yang, a partner with the Anjie Law Firm in Beijing, writes that Chinese national governments going back to the mid-1600s have tried and failed to fashion a civil code.

It is too early to tell what the overall impact of the civil code will be, writes Yang. In terms of digital rights, it appears that the government consolidated three miniature codes covering network information protection, cybersecurity and the protection of consumer rights and interests.

Those freestanding areas in China’s online law were deliberately drafted in many cases to be vague, inviting much interpretation. And so does the new civil code, according to Yang.

One area that is now better defined centers on consumer privacy breaches. Consumers will now be able to sue in court over data thefts.

The code addresses three areas of privacy and personal information, he writes. First is “personality rights” that include a citizen’s right to privacy. Then there are laws designed to stop “spying, eavesdropping, photographing or filming private body parts or spaces, and sending uninvited messages. The third section is all about processing personal information, and notes biometric data as included, as well as location and biographic information.

Among the new directives states that processing personal data “must be lawful, justified, necessary and not excessive.” This one will be aimed almost entirely at businesses, as the government operates on the assumption that it is always lawful and its actions justified.

Personal data cannot be collected unless an individual gives express consent “or as required by law.” Two exceptions are noted: if someone volunteers disclosure and does not object; and if the collection is in the public’s interest.

People can access their data held by a “processor,” and can correct mistakes.

If data was collected illegally or in a way that breached a contract, a person can have the information deleted.

Directives gradually become advice and urgings from the state to processors.

Why it is happening now is hard to tell. It was the authoritarian government of Xi Jinping that finally forced the issue, but China almost always has been run by authoritarians. And it is certainly true that Xi wants to create at least the appearance of legitimacy through laws.

It could also be that Xi and his fellow Communist party leaders feel that the nation’s economic ascendency has so much momentum that they can cut back on the use of chiseling contracts and off-the-books tools to stimulate technology development and innovation.

Or the national government might be bending to growing discontent about privacy among citizens who have listened to one too many corporate leader tell them to get over it, as has Geely Automobile’s chairman, Li Shufu.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

A billion stolen passwords make passkeys look good, despite growing pains

In breaking news that should come as no surprise, your password isn’t good enough. And no, not even if you…

 

Trump puts brakes on Biden-era AI regulation; future uncertain

As was expected, on day one of being inaugurated, President Donald Trump repealed outgoing President Joe Biden’s Executive Order (EO)…

 

How AI fraudsters are capitalizing on the slow rollout of digital IDs

By Ofer Friedman, Chief Business Development Officer, AU10TIX As professional fraudsters ramp up their attacks, leveraging generative AI and randomization…

 

UK government reveals mDL pilot, Gov.uk digital wallet plans

A Gov.uk digital wallet and app will be introduced this year to ease access to pubic services for British residents,…

 

Yoti responds to Ofcom’s guidance on age checks for porn sites

While the age assurance sector has welcomed Ofcom’s newly published guidance on highly effective age assurance for adult content sites,…

 

Jumio, Innovatrics, Vouched and Regula advance identity verification use cases

Whether it’s in gaming, home stays or automotive sales, the need to establish trust is crucial. Effective digital identity verification…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events