Beijing reasserting control of businesses through new privacy law. Is it just PR?
Having amassed through deregulation as much economic power as it has ever had, the Chinese Communist Party is re-regulating businesses.
Given the importance of technology to China’s economy, that sector is particularly feeling the party’s change in direction.
The National People’s Congress, which is dominated by the Communist Party, has approved a major privacy law that is being compared favorably to the European Union’s General Data Protection Regulation. The approval follows a judicial ruling from the Supreme People’s Court to regulate facial recognition.
The same day that the government ratified the bigger piece of legislation, it also took steps to protect the privacy of army soldiers and, on a trial basis, car owners.
According to an article summarizing the major law in the state-run Xinhua news agency, “China has always attached great importance to personal information security.”
That statement can be read a number of ways. The party certainly has shown that it covets citizens’ personal data and guards it jealously.
And, of course, it likes data captured beyond its borders, too. A 2017 law deputized all Chinese organizations and citizens as national intelligence agents, required to collect and report any foreign-derived information, commercial and otherwise.
But concerns about oppressive surveillance are increasing incrementally in China, which biometrically spies on its people more than any other nation on Earth.
Perhaps in response, the highest levels of government control are vilifying businesses that collect, analyze and trade private data. This is not the first time the government has addressed privacy.
In 2017, the party decided to ban online service providers from “collecting and selling users’ personal information.” Compared to the new privacy law, which begins Nov. 1, the four-year-old measure is remarkably limited.
The new bill targets all companies that “over-collect” people’s private information, those that scrape faces without authorization and those who “secretly” obtain the biometric data.
It also penalizes businesses that use Big Data to practice price discrimination. And it “asks” Internet firms to create data-supervision bodies comprised mostly of people from outside their firms.
Apparently separate from that law, the government decided to regulate those who collect and process vehicle data in the country. Beginning in October — and on a trial basis — those outfits will have to pass a security assessment if the data is destined to be shared overseas.
At the same time, businesses “should avoid collecting excessive data from cars and protect the privacy of car owners and users.”
And in a move that might be the most naked attempt to assuage privacy concerns, Beijing says it “pledges” to keep confidential personal information collected on military personnel.