Wenlong Li,Jiahong Chen

DOI: https://doi.org/10.1016/j.clsr.2024.105994

2024-06-13

Abstract:This paper explores the evolution of China's Personal Information Protection Law (PIPL) and situates it within the context of global data protection development. It draws inspiration from the theory of 'Brussels Effect' and provides a critical account of its application in non-Western jurisdictions, taking China as a prime example. Our objective is not to provide a comparative commentary on China's legal development but to illuminate the intricate dynamics between the Chinese law and the EU's GDPR. We argue that the trajectory of China's Personal Information Protection Law calls into question the applicability of the Brussels Effect: while the GDPR's imprint on the PIPL is evident, a deeper analysis unveils China's nuanced, non-linear adoption that diverges from many assumptions of the Brussels Effect and similar theories. The evolution of the GDPR-inspired PIPL is not as a straightforward outcome of the Brussels Effect but as a nuanced, intricate interplay of external influence and domestic dynamics. We introduce a complementary theory of 'gravity assist', which portrays China's strategic instrumentalisation of the GDPR as a template to shape its unique data protection landscape. Our theoretical framework highlights how China navigates through a patchwork of internal considerations, international standards, and strategic choices, ultimately sculpting a data protection regime that has a similar appearance to the GDPR but aligns with its distinct political, cultural and legal landscape. With a detailed historical and policy analysis of the PIPL, coupled with reasonable speculations on its future avenues, our analysis presents a pragmatic, culturally congruent approach to legal development in China. It signals a trajectory that, while potentially converging at a principled level, is likely to diverge significantly in practice [...]

Computers and Society

Gong Nan,,

DOI: https://doi.org/10.21638/spbu14.2023.110

2023-01-01

Abstract:In the development of China’s Internet industry and digital economy, great importance is attached to the protection of personal data and seriously protects the legitimate rights and interests of citizens’ personal data. Generally speaking, with the development of technology and industry, China’s personal data protection has gone from “indirect protection” to “direct protection” and then to “comprehensive protection”. In the early years of China’s Internet industry, the indirect protection of personal data was mainly achieved through the protection of the “rights to privacy” of citizens. Since the Internet industry of the People’s Republic of China has entered a stage of rapid development, the state began to directly protect personal data in accordance with the provisions of the Chapter “Network Information Security” established in the “Cyber Security Law” of 2016, establishes several principles for the collection and use of personal data, protection requirements information security. Until November 1, 2021, the “Personal Data Protection Law of the People’s Republic of China” (PPD) was adopted to comprehensively protect personal data, reflecting the ideology of development focused on bringing the people to the center, meeting the new needs and aspirations of the people in the new era, and also proposing the creation international digital legal order “Chinese version”. The PPD further expands the scope of the object of personal data protection, comprehensively establishes the rights of individuals to process data, strengthens the obligations to protect personal data processors, creates strict rules for the protection of sensitive personal data and regulates the processing of personal data by public authorities, as well as improving the means of legal protection of personal data, all of which are important points in the legislation. The law incorporates advanced foreign experience, while emphasizing Chinese wisdom, the spirit of the times, and practicality in accordance with the reality of China.

Lothar Determann,Zhenyu (Jay) Ruan,Tingting Gao,Jonathan Tam

DOI: https://doi.org/10.69554/gmhh7774

2021-06-01

Abstract:In October 2020, China published a draft of the Personal Information Protection Law of the People’s Republic of China (PRC) for public comment. The draft law is intended to be the first consolidated and comprehensive law targeting the protection of personal information in China. If enacted in its current form, the law would introduce a suite of obligations that apply to organisations in both the private and public sectors and individuals that process Chinese residents’ personal information. The scope, structure and substance of the draft law not only resemble that of the European Union (EU) General Data Protection Regulation (GDPR) in a number of key ways but also diverge from the GDPR in many respects. The draft Chinese law also has some similarities with various US privacy laws, although the United States has not enacted a comprehensive federal privacy law that applies across the country. Despite the variations among the regimes of China, the EU and the United States, organisations that do business in these geographies can leverage the privacy compliance programmes they may have established for the United States and EU to prepare for the implementation of the draft Chinese Personal Information Protection Law. This paper summarizes the key requirements of the draft Chinese law and provides high-level observations regarding its similarities to and differences from the GDPR and key US privacy laws.

Ming Hu,Tao Hong

DOI: https://doi.org/10.1515/ijld-2024-2012

2024-01-01

International Journal of Legal Discourse

Abstract:Abstract A significant portion of the misunderstanding surrounding China’s human rights protection stems from a failure to consider its legal progress in light of China’s unique cultural, ideological, and political contexts. The Criminal Procedure Law of China is closely linked to constitutional principles and the fundamental first generation of human rights, providing a clear framework for understanding China’s efforts in human rights protection. As widely accepted standards for human rights codification, Articles 9, 17, and 14 of the International Covenant on Civil and Political Rights (ICCPR) outline the right to personal liberty, privacy, and the defense of the accused. Initially, China’s Criminal Procedure Law of 1979 fell short of meeting these global standards. However, with substantial revisions in 1996, 2012, and 2018, this specific code has progressively aligned with the covenant’s requirements, marking significant strides in human rights protection in China. Despite these advances, there remains room for improving the Criminal Procedure Law, especially under the challenges of the digital age. China, alongside other nations, will focus on building a more comprehensive, robust, and globally integrated legal framework to address the forthcoming issues.

Qin Zhou

DOI: https://doi.org/10.1080/10192557.2022.2117484

IF: 0.542

2022-09-14

Asia Pacific Law Review

Abstract:China's data governance has garnered global attention. An important part of data governance is the protection of personal data. Many believe that the newly issued Personal Information Protection Law (PIPL) can improve the protection of personal information in China. However, the merits of this specialized law rest in part on empirical exams. This paper explores whether the PIPL can solve the issues existing in online contracting for personal information in China. It firstly introduces provisions related to contracting for personal information before the promulgation of the PIPL. It then identifies three critical issues regarding online contracting for personal information in China after reviewing 202 online peer-to-peer lending platforms' terms of service and privacy policies. These issues include privacy policies that are not readily accessible, the substantial variation between terms of service and privacy policies pertaining to personal information collection, processing, sharing, and protection, and the bias of contractual terms. The paper further discusses whether the PIPL can help address three issues considered in the survey results. It argues that, even though the new law looks promising and may help address some of the issues in online contracting for personal information, its effectiveness ultimately depends on its enforcement and consumers' reaction to changes in the way firms contract for personal information. Therefore, this paper also calls for more empirical studies on China's personal information protection.

law

Konrad Kollnig,Lu Zhang,Jun Zhao,Nigel Shadbolt

DOI: https://doi.org/10.1016/j.clsr.2024.106041

IF: 2.707

2024-09-03

Computer Law & Security Review

Abstract:Privacy in apps is a topic of widespread interest because many apps collect and share large amounts of highly sensitive information. In response, the Chinese legislator introduced a range of new data protection laws over recent years, notably the Personal Information Protection Law (PIPL) in 2021. So far, there exists limited research on the impacts of these new laws on apps' privacy practices. To address this gap, this paper analyses data collection in pairs of 634 Chinese iOS apps, one version from early 2020 and one from late 2021. Our work finds that many more apps now implement consent. Yet, those end-users that decline consent will often be forced to exit the app. Fewer apps now collect data without consent but many still integrate tracking libraries. Market concentration in app data collection has seen limited change. At the same time, there exists a larger number of influential and equal market participants than in the West. Among them, Apple was the only relevant foreign company. We see our findings characteristic of a first iteration at Chinese data regulation with room for improvement. With the help of enhanced technological capabilities, we expect increased enforcement of the new data rules. There is also room to refine the new laws and make them more targeted at mobile apps and the online sphere, particularly through clear and up-to-date technical specifications for software developers. As such, our findings could also be motivation for non-Chinese policy- and lawmakers to enhance their own data protection regimes.

law

Shujie Cui,Peng Qi

DOI: https://doi.org/10.1016/j.clsr.2021.105560

2021-07-01

Abstract:<p>Personal information protection and privacy interact in diverse ways, especially in the contemporary information age. Although books and articles have focused on this topic, the new tendencies of worldwide legislation and judicial practice bring challenges, as the legal construction of personal information protection and privacy differs from culture to culture and time to time. In 2017, the General Provisions of the Civil Law of the People's Republic of China ("the General Provisions of the Chinese Civil Code" hereafter)<a class="workspace-trigger" href="#cit_1">¹</a> (expired) addresses the legal concepts of personal information protection and the right to privacy simultaneously, to which this article refers as the dual model, differing from the one-dimensional mode of privacy protection before. Subsequently, the "The Right to Privacy and the Protection of Personal Information," a chapter of the newly issued Civil Code of the People's Republic of China's ("the Chinese Civil Code" hereafter), ascertains the dual model and details related provisions. It has been dubbed a landmark ruling of China's personal information protection, greatly boosting the modernization of China's civil system.</p><p>Despite the many articles that discuss approaches to China's civil protections, little attention has been given to the fundamental question concerning what exactly encompasses the personal information protection and privacy to which these laws refer. Based on the regulations and applicability of the General Provisions of the Chinese Civil Code and the Chinese Civil Code, this paper explores the legal construction of personal information protection and privacy under Chinese legal orders, including the differences, similarities, and interplay between the two rights. By distinguishing the legal value, contents and remedial approaches, this paper concludes that the two rights are distinct but overlap. On one side, personal information protection is elevated to the status of a separate civil right in the legal context of China, rather than part of privacy. On the other side, tailored regulations should be establish according to the criteria of the nature of information, the extent of information processing, and the elements of damage when confronted with overlaps in the two rights in judicial practice. Thus, this paper provides a perspective from which to clarify the approaches to civil protection of personal information and privacy in China and a reference model for enactment of the Chinese Personal Information Protection Law in the the future.</p>

law

Konrad Kollnig,Lu Zhang,Jun Zhao,Nigel Shadbolt

DOI: https://doi.org/10.48550/arXiv.2302.13585

2023-02-27

Computers and Society

Abstract:Privacy in apps is a topic of widespread interest because many apps collect and share large amounts of highly sensitive information. In response, China introduced a range of new data protection laws over recent years, notably the Personal Information Protection Law (PIPL) in 2021. So far, there exists limited research on the impacts of these new laws on apps' privacy practices. To address this gap, this paper analyses data collection in pairs of 634 Chinese iOS apps, one version from early 2020 and one from late 2021. Our work finds that many more apps now implement consent. Yet, those end-users that decline consent will often be forced to exit the app. Fewer apps now collect data without consent but many still integrate tracking libraries. We see our findings as characteristic of a first iteration at Chinese data regulation with room for improvement.

Yang Feng

DOI: https://doi.org/10.1080/10192557.2019.1646015

IF: 0.542

2019-01-01

Asia Pacific Law Review

Abstract:On 10 September 2018, the Standing Committee of the National People's Congress of China updated its legislative agenda and planned to enact a comprehensive data protection law by March 2022. This Plan would end the longstanding speculation among Chinese scholars and foreign observers about the direction of China's data protection regime. Nevertheless, whether such a law can be enacted on time remains uncertain. This article examines the current challenges to the creation of a workable data protection law in China. The main challenges are related to the hasty implementation of the information and communications technology (ICT) development strategies, the current weak legal framework and the unprepared scholars and lawmakers. This article concludes that the enactment of a data protection law is not an easy task. This task is likely to be delayed, suspended, or proved to be a failure if the aforementioned obstacles are not resolved properly. Finally, to provide meaningful data protection, this article provides four basic policy and legal recommendations: (1) pay more attention to protecting individuals' personal data against unreasonable use by industry and government; (2) cautiously learn from legislative experience of western countries; (3) explore the best practices under Chinese contexts; and (4) enforce the protection rules in a more meaningful manner.

Jianwen Zhang,Huan Yang

DOI: https://doi.org/10.17803/2587-9723.2021.4.074-081

2021-09-16

Legal Science in China and Russia

Abstract:Digital data is a new factor of production in the information age. In the context of the rapiddevelopment of the latest technologies, such as big data, artifi cial intelligence, cloud computing andblockchain, as well as the continuous development of the digital economy, digital data plays an important role in the development of enterprises. Data security issues affect the development of a countryand its security, are related to public interests, and are also closely related to the personal rights of its citizens. It is necessary to regulate data protection at the legal level.July 2, 2020 the website of the National People’s Congress published the Data Security Law of the People’s Republic of China (draft), which systematically refl ects the current national point of view on data security and development, noting the improvement of data security to the level of state security. Like the Cybersecurity Law, it is a component of the general concept of national security, belongs to the highest level of law and has the highest legal force. This law is of great strategic importance for building a data protection system in the PRC.As the main law in the fi eld of data security management ,the Data Security Law has made certain breakthroughs in the defi nition of the concept of data. The concept of data in the Data Security Law is not limited to network data, but includes information recorded in electronic form and in other ways; the necessary extraterritorial consequences are provided for in the draft Data Security Law, which is of great importance for the protection of national sovereignty and civil rights of the People’s Republic of China; the relationship between data security protection, data development and use is clarifi ed, and the status of data in the development of the digital economy is clarifi ed through legislation in order to fully demonstrate the economic value of data; the main body responsible for security, supervision and overall coordination has been created, the main responsibilities of various regions and departments have been increased, supervision responsibilities have been redistributed, which is more in line with the needs and current situation in data security supervision; a data classifi cation system has been established that promotes the relevant work of data security surveillance agencies; an appropriate mechanism has been created at the state level in the system of data security risk assessment, reporting, information exchange, monitoring and early warning; a data export control system and a mutual data protection system were created, as well as the construction of a cross-border data fl ow system of the PRC was standardized; data protection obligations in organizations and for individuals performing data operations and performing data protection duties were clarifi ed; adhere to the principles of security and development and provide measures to support and promote data security and development; institutional measures have been taken to ensure the security of government data.The draft law on data security contains a comprehensive concept of information security. The upcoming Law on Data Security will contain recommendations and basic principles for ensuring data security and development. All industries will have to pay attention to an integrated management system and various supporting provisions to ensure data security and development. Gradually, a favorable environment will be created for the effective use of data and safe development, which will signifi cantly contribute to the rapid development of informatization and digitization.The Data Security Law includes all types of information in the fi eld of protection. In the future, the Law on Data Security should pay attention to the Law on Cybersecurity, Law on State Security and Law on the Protection of Personal Information, which are under development, supplement and improve today’s relatively disparate legislation related to data security. The laws and regulations of the PRC on data security will be carefully developed on the basis of these three laws in order to fully implement the development, use of data and industrial development, thereby promoting new provisions in the creation of a legal data security system.

Jiayi Jiang,Zexing Zheng

DOI: https://doi.org/10.2196/48714

2023-11-14

JMIR mhealth and uhealth

Abstract:Abstract Background Digital technologies, especially contact tracing apps, have been crucial in monitoring and tracing the transmission of COVID-19 worldwide. China developed health code apps as an emergency response to the pandemic with plans to use them for broader public health services. However, potential problems within privacy policies may compromise personal information (PI) protection. Objective We aimed to evaluate the compliance of the privacy policies of 30 health code apps in the mainland of China with the Personal Information Protection Law (PIPL) and related specifications. Methods We reviewed and assessed the privacy policies of 30 health code apps between August 26 and September 6, 2023. We used a 3-level indicator scale based on the information life cycle as provided in the PIPL and related specifications. The scale comprised 7 level-1 indicators, 26 level-2 indicators, and 71 level-3 indicators. Results The mean compliance score of the 30 health code apps was 59.9% (SD 22.6%). A total of 13 (43.3%) apps scored below this average, and 6 apps scored below 40%. Level-1 indicator scores included the following: general attributes (mean 85.6%, SD 23.3%); PI collection and use (mean 66.2%, SD 22.7%); PI storage and protection (mean 63.3%, SD 30.8%); PI sharing, transfer, disclosure, and transmission (mean 57.2%, SD 27.3%); PI deletion (mean 52.2%, SD 29.4%); individual rights (mean 59.3%, SD 25.7%); and PI processor duties (mean 43.7%, SD 23.8%). Sensitive PI protection compliance (mean 51.4%, SD 26.0%) lagged behind general PI protection (mean 83.3%, SD 24.3%), with only 1 app requiring separate consent for sensitive PI processing. Additionally, 46.7% (n=14) of the apps needed separate consent for subcontracting activities, while fewer disclosed PI recipient information (n=13, 43.3%), safety precautions (n=11, 36.7%), and rules of PI transfer during specific events (n=10, 33.3%). Most privacy policies specified the PI retention period (n=23, 76.7%) and postperiod deletion or anonymization (n=22, 73.3%), but only 6.7% (n=2) were committed to prompt third-party PI deletion. Most apps delineated various individual rights: the right to inquire (n=25, 83.3%), correct (n=24, 80%), and delete PI (n=24, 80%); cancel their account (n=21, 70%); withdraw consent (n=20, 60%); and request privacy policy explanations (n=24, 80%). Only a fraction addressed the rights to obtain copies (n=4, 13.3%) or refuse advertisement of automated decision-making (n=1, 3.3%). The mean compliance rate of PI processor duties was only 43.7% (SD 23.8%), with significant deficiencies in impact assessments (mean 5.0%, SD 19.8%), PI protection officer appointment (mean 6.7%, SD 24.9%), regular compliance audits (mean 6.7%, SD 24.9%), and complaint management (mean 37.8%, SD 39.2%). Conclusions Our analysis revealed both strengths and significant shortcomings in the compliance of privacy policies of health code apps with the PIPL and related specifications considering the information life cycle. As China contemplates the future extended use of health code apps, it should articulate the legitimacy of the apps’ normalization and ensure that users provide informed consent. Meanwhile, China should raise the compliance level of relevant privacy policies and fortify its enforcement mechanisms.

health care sciences & services,medical informatics

Weber Philip Andreas,Zhang Nan,Wu Haiming

DOI: https://doi.org/10.1007/s10660-020-09422-3

2020-01-01

Electronic Commerce Research

Abstract:The growth of e-commerce and other platforms has significantly increased the amount of personal data that is shared and submitted online; however, the adequate and secure collection and processing of these data is of great concern. With the EU’s implementation of a new data protection regulation in 2018, the development of personal data protection globally has reached an important turning point and has sparked the interest of scholars and businesses. Text coding was employed to compare the current personal data protection regulation landscape in the EU and in China to discover the differences between the General Data Protection Regulation and the personal data protection regulations of the fastest-growing economy in e-commerce. The results show that while there are several similarities in regard to general requirements, such as principles of data processing and basic rights for data subjects, China’s personal data protection regulations tend to lack specific operational requirements and strong legal enforcement. Based on the research results, implications and recommendations for the government and companies are provided.

Ella Gorian

DOI: https://doi.org/10.7256/2454-0595.2021.5.36237

2021-05-01

Административное и муниципальное право

Abstract:The object of this research is the legal relations in the sphere of regulation of personal data security in the financial and banking sector of the People's Republic of China. The characteristics is given to the current legislation of China (Civil Code, Personal Information Protection Law, and Cybersecurity Law), existing or draft bylaws in the field of personal data security. Attention is given the second revision of the draft law on personal information protection, as well as determination of the institutional mechanism for ensuring personal data security. The article examines the peculiarities of regulation of relations in the sphere of ensuring personal data security in the financial and banking sector, as well as characterizes &nbsp;the role of the financial regulator in this mechanism. The development of the mechanism for personal data protection is at completion stage; besides the adoption of the Civil Code of the People's Republic of China, which establishes the framework for regulation, two of the three special laws &ndash; Personal Information Protection Law and Cybersecurity Law &ndash; have already been adopted. The flagship law on Personal Information Protections is expected to be adopted by 2021. The aforementioned laws encompass all spheres of information security and ensure strong data protection regime: outline the scope of regulation, objects and subject composition, responsibility, and institutional control mechanism. The legal regime covers such aspects of relations as personal data of deceased persons, persons with reduced capabilities (due to age and health), as well as transnational data transfer. At this point, the financial and banking sector features a number of bylaws that set strict standards for ensuring personal information protection. The leading role in this mechanism is played by the financial regulator &ndash; the People's Bank of China. The standards adopted by the People&rsquo;s Bank of China require further examination, which would allow formulating recommendations for the improvement of the Russian legal system.

English Else

Tao Fu

DOI: https://doi.org/10.1177/1742766519846644

2019-05-27

Global Media and Communication

Abstract:By examining the privacy policies of leading Chinese Internet and information service providers (IISPs), this study found their privacy policies to be generally compliant with China’s personal information protection provisions. These IISPs use proper mechanisms showing their commitment, measures and enforcement to data security, but their Fair Information Practices need improvement. Personal information protection in China is severe. Privacy policies offer more ‘notice’ than they do ‘choice’. Chinese IISPs collect and use information extensively in the guise of providing value to users, but have given insufficient consideration to transborder data flows and change of ownership. Societal and technological mechanisms have not been widely sought.

Bo Zhao,Yang Feng

DOI: https://doi.org/10.1016/j.clsr.2020.105498

IF: 2.707

2020-01-01

Computer Law & Security Review

Abstract:This Article seeks to map the possible paths of the development of China's data protection law by examining the changing power relations among three major actors - the State, digital enterprises and the public in the context of China's booming data-driven economy. We argue that focusing on different core values, these three major actors are the key driving forces shaping China's data protection regime. Their dynamic and multidimensional power relations have been casting the development of China's data protection law with various uncertainties. When persuing different, yet not always conflicting values, these three major actors may both cooperate and compete with each other. Based on our careful analysis of the shifting power relations, we identify and assess three possible paths of the development of China's data protection law. We are much concerned that the proposed comprehensive data protection law might be a new attempt of the State to win legitimacy abroad, while actually trying to reinforce massive surveillance besides economic goals. We argue that a modest alternative may be that this law might show some genuine efforts for protecting data privacy, but still with poor enforcement. Last, we argue that the most desirable development would be that this law could provide basic but meaningful and effective protection for data privacy, and lay a good foundation for further development.

Zhangboyu Sun,Zixi Liu

DOI: https://doi.org/10.1051/shsconf/202315703006

2023-02-16

SHS Web of Conferences

Abstract:In the era of rapid development of big data, the problem of personal information leakage is widely concerned by the society. Among them, sensitive personal information related to the human dignity of natural persons or basic rights such as personal and property is more important. China introduced the Personal Information Protection Law in 2021 to improve the legal system of personal information protection in China, but due to the short development time of the relevant system for the protection of sensitive personal information, resulting in the legal protection of sensitive personal information faces serious challenges in practice, so it is especially important to improve the legal protection of sensitive personal information in China. Based on this, this paper firstly explains the concept and characteristics of sensitive personal information, then analyzes the shortcomings of the legal protection of sensitive personal information, and finally puts forward suggestions for improvement from different perspectives, including improving the principle of "informed consent", strengthening the supervision of industry self-regulation and improving the principle of imputation.

English Else

Esther Franks,Bianca Lee,Hui Xu

DOI: https://doi.org/10.54648/gplr2024007

2024-03-01

Global Privacy Law Review

Abstract:The People’s Republic of China (PRC) has moved ahead of other jurisdictions in regulating Artificial Intelligence (AI) by enacting a set of regulations aimed at addressing risks associated with AI. This article reviews three key AI specific regulations enacted in the PRC in 2022 and 2023. Together these regulations set out comprehensive obligations on the use of generative AI and algorithmic recommendation services in the PRC. The obligations include general requirements such as to comply with the law and principles of fairness as well as to protect against incorrect political direction and violation of social morality. There are also more specific obligations to achieve those objectives. These include, ensuring the regulator has visibility of certain algorithms by requiring the filing of information about the relevant algorithms. Further there are specific obligations on service providers such as to label training data appropriately, take measures to screen illegal or harmful content, verify the identities of users for some services, protect against fake news and label artificial intelligence generated content as synthetic. The regulations also provide a suite of rights for users, including the right not to be targeted on the basis of their personal characteristics by services using AI algorithms. The obligations under these regulations are significant and it will be interesting to see how the PRC’s regulatory approach impacts the AI industry in the PRC in contrast to other jurisdictions where regulators are still looking at how to regulate AI or taking a different approach. PRC, China, Artificial Intelligence, AI Regulations

Yang Li

DOI: https://doi.org/10.15335/glr.2020.14.4.002

2021-01-01

Gachon Law Review

Abstract:COVID-19 came suddenly. China has controlled this epidemic in a certain degree by means of digitized epidemic prevention. This kind of means is like a double-edged sword, which eases major public health events, but threatens personal information security. The legislation of personal information protection went through several discussions in China until this issue resurfaced during the recent COVID-19 pandemic, and on August 20, 2021 China passed The Personal Information Protection Law and began implementing it in November of the same year. This research focus on the outstanding personal information issues in the process of digitized epidemic prevention and hopes to improve the protection system of personal information by combing the deficiencies in legislation.

Chuyun Wang,Feifei Guo,Mengxuan Ji

DOI: https://doi.org/10.1155/2022/1678360

2022-08-30

Journal of Environmental and Public Health

Abstract:In the era of big data, while every citizen enjoys the convenience of the Internet, all kinds of information closely related to their personal and property are in a state of "streaking" for a long time. Personal information is frequently leaked, illegally misappropriated, and used. There are necessary requirements of network security. The risks and challenges faced by personal information in the context of big data increase. In the context of the rapid development of big data, the information is circulated in virtual cyberspace in the form of electronic data, and data sharing has become an important flow form of information circulation. It is an important link to realize the optimal allocation of network resources and realize the value of data. The great progress of the digital economy and artificial intelligence technology has greatly increased the demand for data, the speed of circulation has been further accelerated, and the potential value of data has been fully reflected. At present, the scope of personal information protected by Chinese laws is relatively narrow and is basically limited to the scope of privacy rights, which makes a large amount of information owned by individuals that do not belong to the category of personal privacy rights lack legal protection. Personal information is different from the characteristics of privacy rights. It is decided that the protection of personal information should be different from the protection of traditional personal privacy. To sum up, in view of this, this article attempts to analyze the new challenges faced by personal information protection in the era of big data from the perspective of law, combined with the background of the era of big data, from the legislative model, system design, supervision mechanism, industry self-discipline, and other aspects. Exploration of the legislative framework for the protection of personal information in the era of big data in our country is done in order to find a realistic path that balances the development of big data technology and the protection of personal information.

Peiru Cai,Li Chen

DOI: https://doi.org/10.1093/idpl/ipac004

IF: 2.5

2022-01-01

International Data Privacy Law

Abstract:The development of big data, cloud computing, and artificial intelligence technology drives not only the transformation of the Chinese economy but also a new way of life that is seamlessly integrated with technology. The troves of data generated by users and processed by various business operators fuel the remarkable growth of businesses. Data are therefore widely regarded as a fundamental strategic resource and a crucial factor of production in China. Data can be used to identify individuals, revealing their political views, habits, hobbies, consumption preferences, physical movements, and other traits. Data might also be regarded as a commercial secret of Internet products providers due to the competitive advantage it might offer. Data are also critical to upholding public and national interests.1 The newly enacted government regulations aim to aggressively regulate China’s mobile applications, e-commerce, and ‘smart’ products. The Chinese government’s much-touted ‘The Outline of the Fourteenth Five-Year Plan...