September 21, 2023

China has passed a new privacy law aimed at protecting users’ personal data. The new law comes as Chinese tech firms have come under renewed scrutiny in the country, and sets rules around how companies handle users’ information. The law takes effect on November 1st.

The law formally called the Personal Information Protection Law was passed by China’s legislature on Friday, and calls for companies to get users’ consent before collecting personal data, and has rules for how companies should ensure users’ data is protected when it’s transferred outside of China.

Tech companies that handle personal information must have a designated person tasked with overseeing its protection, and companies must conduct regular audits to be sure they’re complying with the law.

Companies handling personal user data have to have clear and reasonable purpose for doing so, and must limit it to the “minimum scope necessary to achieve the goals” of handling said data.

Personalization is the result of a user’s choice, and true personalized recommendations must ensure the user’s freedom to choose, without compulsion, Therefore, users must be given the right to not make use of personalized recommendation functions.

Tags:

1 thought on “Chinese New Data Privacy law

  1. Pingback: Tencent Games Headache – TheCyberThrone

Leave a Reply

You may have missed

Atlassian BitBucket and Confluence Vulnerabilities

September 21, 2023

Snatch ransomware Dissection

September 21, 2023

Fortinet Fixes Vulnerabilities in FortiOS

September 20, 2023

Trend Micro Endpoint Vulnerability – CVE-2023-41179

September 20, 2023

GitLab Addresses Critical Vulnerability -CVE-2023-4998

September 20, 2023

Crowdstrike New Offerings and Bionic.ai Acquisition

September 20, 2023
%d bloggers like this: