The administration of Shenzhen has enacted China’s most extensive data regulation to date. Experts said the policy paved the way for future national and regional data regulations.
The rule, which was passed on June 29 by top legislators in Shenzhen, prohibits certain popular data activities that are perceived as invasive or unjust, and will force the government to make public data freely available. The bill also addresses data ownership, which is a significant void in Chinese law.
“It affects every possible interested party concerning data, from data users to data processors to market operators, government, courts, and so on,” said Devin Song, a partner at the Beijing-based Fieldfisher law firm.
The Shenzhen special economic zone has been a testbed for national policies since the 1980s, beginning with allowing private enterprise. “Shenzhen is being used as a trial area for experimental regulation, which makes sense given Shenzhen is China’s silicon valley,” said Kendra Schaefer, head of tech policy research at strategic advisory Trivium China.
What’s at stake: China is drafting data regulations that will affect the tech industry and possibly serve as a model for governments around the world. Experts believe Shenzhen’s policy will establish a precedent for other regions and national rules.
China is enacting a number of data and privacy legislation, including the Data Security Law, which was passed in June, and the Personal Information Protection Law, which will be enacted soon. The regulation in Shenzhen provides explicit specifics on how these laws would be enforced for the first time.
Details: The Data Regulation of the Shenzhen Special Economic Zone was released on Tuesday by the Standing Committee of the Shenzhen Municipal People’s Congress. They will take effect on January 1, 2022 in the city.
Data collection should be limited: The guidelines prohibit applications from requiring users to sign data agreements in order to access “core services,” as well as face recognition or other biometric information. The legislation also prevents applications from profiling users under the age of 14 in order to provide them tailored adverts, according to Devin Song.
According to Calvin Peng, a senior partner at Jincheng Tongda & Neal legal firm, most apps will need to rewrite their privacy rules, and many will need to be updated to offer less invasive options.
Chinese apps regularly make broad requests for personal information, and it might be difficult to say no in China’s hyper-connected cities. Before utilizing WeChat mini-apps to order food, many eateries request users to enter their name and contact information. In order to use a tap to wash sand off his feet at a beach, one TechNode reporter was recently requested for his “name, telephone number, and gender details.” (He gave his permission.)
In a review of the regulation, Carolyn Law, China analyst at Control Risks, said that the age limit “threatens the economic models of numerous popular applications, including short-video app Douyin.” “However, because this is simply a local-level regulation,” she noted, “it is unclear what the actual impact on these enterprises is.”
Getting access to ‘public data’: The rule also applies to state-collected data, mandating the government to make its data freely available to the public by default. The rule establishes a category of “public data” that will be “shared by default, with non-sharing as an exception,” establishing a system in which data from many government platforms is compiled in a single public database. The law also forbids the government from charging fees for data access.
Data openness has been pushed by national policy statements, according to Schaefer, but this may be the first example of a rule that spells out requirements.
Ownership of data: Another “significant deal,” according to Schaefer, is the introduction of a new category of “public data” that is controlled by the government. The Chinese government has been working to establish markets around data since recognizing it as a “new component of production” last year. However, there has been some misunderstanding about what it means to own data, which has impeded these efforts.
The legal committee of Shenzhen’s legislature noted in an interpretation attached to the law that “it is difficult to clearly create a new form of ownership rights through municipal regulations,” but that “there is a general understanding that data products and services possess property rights.” The law was the first to investigate the scope and forms of data rights.”
This new category of public data is defined by the rule as “data created by public entities when providing public services.”
READ MORE HERE:
Anonymization is a flaw in China’s privacy laws.
So, what’s next? As other regional governments and Beijing create their own guidelines, Shenzhen’s approach to data regulation will undoubtedly impact the national landscape. Peng told TechNode that Shanghai will most likely be the next city to issue a data legislation, with Guizhou and Anhui provinces perhaps following suit.
Feedzy/n
