China Draft Rules Propose That Chinese Employee Data Cannot Be Stored Overseas

China has not established comprehensive and systematic personal information protection legislation. The PRC Constitution and the General Principles of the Civil Law of the PRC (1986) both refer vaguely to certain personal rights, but privacy is not expressly provided in them. The Tort Liability Law (2009) does refer to privacy, but (with the exception of medical information) it doesn’t specifically define the types of information that must be kept private. These laws were enacted by the National People’s Congress (NPC) and are supported by various administrative regulations enacted by the ministries. For years, China has been discussing and working on a draft Personal Information Protection Law, and a draft was made available internally among the authorities in 2005, but there is no schedule for promulgation of this law.

The Ministry of Information and Industry of China (MIIT) has published a draft document called Information Security Technology – Guide for Personal Information Protection (the “Draft Guide”). If the Draft Guide is eventually enacted, it will be enacted by the Administration for Quality Supervision, Inspection and Quarantine (AQSIQ) and the Standardisation Administration of China ( SAC). It will not be enacted by the MIIT itself, because it is written in the form of an industrial standard, which fall into the scope of authority of AQSIQ and SAC. It will, however, have legal force.

Read more

Posted Under: China

Post By (955 Posts)