China on Friday adopted a law on Internet privacy protection, aimed at restricting the sometimes abusive collection of personal data by digital giants.
The law responds to the increase in online fraud in recent years, but above all to the growing concern of Chinese consumers about data leaks or the use of algorithms.
Under the new law, public and private companies will have to reduce the collection of personal information from citizens and obtain their prior consent.
The country will not be affected because it will be able to continue to collect a large amount of data, for example to track political dissidents or implement its strict security policy in the volatile northeastern region of Xinjiang.
The law is expected to put national digital giants like Didi (chauffeured car reservations) and Tencent (video games) under scrutiny, which the government has criticized in recent months for improperly collecting data.
A parliamentary spokesperson told Xinhua that the text aims to prevent “the use of personal data for the purposes of user profiling”.
In addition, it seeks to avoid “algorithmic discrimination,” a common practice among online sales companies that offer different prices to different users of the same service, depending on their purchase history.
The new Chinese law is modeled on the European Union (EU) Internet Privacy Protection Act, one of the strictest in the world.
The text states that the personal information of Chinese citizens should not be transferred to countries with lower standards in this matter, a ban that could affect foreign companies. The United States, for example, does not have a national data protection law.
Failure to comply with the new rules, companies face fines of up to 50 million yuan (6.6 million euros, 7.7 million dollars) or even 5% of their annual turnover.
For the most serious crimes, authorities may withdraw their business license from businesses or force them to close permanently.
prw / ehl-zif / cco / mis / bl