AustLII Home | Databases | WorldLII | Search | Feedback

University of New South Wales Faculty of Law Research Series

 Faculty of Law, UNSW
You are here:  AustLII >> Databases >> University of New South Wales Faculty of Law Research Series >> 2013 >> [2013] UNSWLRS 37

Database Search | Name Search | Recent Articles | Noteup | LawCite | Author Info | Download | Help

Greenleaf, Graham; Tian, Yijun --- "China Expands Data Protection through 2013 Guidelines: A ‘Third Line’ for Personal Information Protection (With a Translation of the Guidelines)" [2013] UNSWLRS 37

Last Updated: 2 July 2013

China Expands Data Protection through 2013 Guidelines: A ‘Third Line’ for Personal Information Protection (With a Translation of the Guidelines)


Graham Greenleaf, University of New South Wales

Yijun Tian, University of Technology, Sydney

This paper is available for download at Available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2280037

Citation

This paper was published in Privacy Laws & Business International Report, Issue 122, 1, 4-6, April 2013. This paper may also be referenced as [2013] UNSWLRS 37.

Abstract

China has added a third significant layer of regulation of data privacy in information systems, the Information Security Technology – Guidelines for Personal Information Protection Within Public and Commercial Services Information Systems, released by the Ministry of Industry and Information Technology (MIIT) Standardization Administration on 21 January 2013, effective 1 February 2013.

In theory, these voluntary guidelines are not as important as the two regulatory instruments of 2011/12 covering part of the same territory (primarily Internet IISPs), the Decision of the Standing Committee of the National People’s Congress of December 28, 2012 (see http://ssrn.com/abstract=2251303), and the MIIT Regulation of December 2011 (seehttp://ssrn.com/abstract=2049232). However, these 2013 Guidelines apply to a much broader range of businesses, and they cover key issues (such as data exports, sensitive data, and subject access and correction rights), and provide some details, not covered in the earlier instruments. They may well indicate the standard that will be applied in these other laws, and even in such laws as the Tort Liability Law. The Guidelines set out obligations in three overlapping ways. This article analyses these three approaches, how the Guidelines differ from and add to the existing regulation of data privacy in China, and the significance they have for businesses operating in China.

An unofficial translation of the Guidelines is included in the article.

AustLII: Copyright Policy | Disclaimers | Privacy Policy | Feedback
URL: http://www.austlii.edu.au/au/journals/UNSWLRS/2013/37.html