While Indians have been demanding a new and strict data policy for themselves, China has reportedly passed the world's strictest data policy law. Every app like Amazon, Flipkart, Facebook, YouTube, etc., that we use generates and store our data. These data range from your gender and age to even your geographical location. Data privacy law is a set of guidelines by the government to these big tech companies on how can they use our data. China has been putting a lot of restrictions on these tech companies for the previous few months.
What is China's New Data-Privacy Law?
China passed a data privacy lawmaking tougher rules on how companies collect and handle their user's information on Friday (August 20, 2021). These rules are further steps added to Beijing's tightening of data regulation. This could impact the way China's technology companies operate.
The personal information protection laws lay out for the first time a comprehensive set of rules around data collection processing and production that was previously governed by piecemeal legislation. This might seems like a step to give more rights about their data to the customers, but the Chinese Communist Party stills control all the data gathered by their companies.
The law seems to be inspired by the European Union's law regarding personal data protection. It requires any organization or individual handling Chinese citizen's personal data to minimize data collection and to obtain their consent. But there is no restriction on the government to access the data. Government can ask any company to provide its data and they have to comply.
1) New rules passed by China's top legislative body say that government and private entities collecting and handling personal information will be required to reduce data collection. They are also required to obtain the user's consent. The Chinese state security body will maintain access to all of the personal data, however. Communist Party Of China has long been accused of using tech companies to accelerate repression in Xinjiang province and elsewhere.
2) According to state news agency Xinhua earlier this week, the law also protects people from recommendation algorithms and user profiling. A client's shopping history can not be used to recommend him/her products at different prices. Companies tend to increase a product's price if they feel that the particular user is most likely to buy the product based on their data. They will try to lure the customer by giving some discounts if they feel the user is not interested to buy. This law prohibits companies to do so.
3) The law also says that the personal data of Chinese citizens cannot be transferred to countries where there is a lower standard of data security than China. This rule is going to be a headache for foreign businesses.
4) There is a penalty of up to 50 million Yuan or 5% of their annual turnover for companies that fail to comply.
5) The final draft which contains all the rules has not yet been released by the Chinese government.
The aftermath of this new law
The greatest repercussion of China passing this law was that the stocks of the big tech companies of the country suffered heavily. Stocks, including that of Tencent & Alibaba, dropped up to 4.5%. The Nasdaq golden dragon index of large Chinese companies listed on the US stock exchange closed more than 5% lower on Thursday in New York.
This news also dragged down by an almost 7% fall for the E-Commerce group founded by jack ma. Nasdaq golden dragon index is an index for Chinese companies listed on the US Stock exchange. Chinese stock has been severely hit for the past few months.
Back-to-back news from Beijing about new regulation on these tech companies has taken the index down by almost 50% since its peak in February. Big business tycoons have lost billions of dollars in few months because of these regulations, including the Alibaba founder and Tencent's Pony Ma.
The European Union launched one of the best data protection laws in 2018. This regulation aimed to give citizens in the bloc more control over their data. This applied not only to the European companies but also to any company from outside that was offering services in Europe. Brazil's Lei Geral de Proteção de Dados Pessoais which came into force in September 2020 is Latin America's first major data protection law. At the end of 2020 Singapore too amended its personal data protection act and made it more strict and citizen-friendly.
The Indian government has also been trying to frame similar law called "The personal data protection bill,2019". This is still stuck in the standing committee of the parliament. Every country is looking to frame better laws regarding the data. After all, data is the new oil and we need to protect our oil.