Dataguidance.com writes that the National People’s Congress (NPC), China’s highest legislature, adopted – on 28 December 2012 – a decision on strengthening the protection of network information (‘The Resolution’). The Resolution outlines China’s intention to protect electronic information capable of identifying an individual and prohibits the unauthorised acquisition of citizens’ personal data. Effective from the date of adoption, it imposes civil liability on companies that infringe on individuals’ privacy, granting the affected individuals a private right of action against those companies.
Manuel Maisog, Partner at Hunton & Williams, told DataGuidance: “It is possible that the new resolutions will require significant operational changes, to address more traditional data privacy concerns, among some businesses that control or process identifiable electronic information. [However] some businesses will find that they need only make such operational changes to a modest extent, as the internet is an inherently cross-border communications network, these businesses may have, by way of complying with requirements of other jurisdictions, already be in compliance with some of the requirements of the new resolutions. For them, it may be a matter simply of extending their compliance practices to China and modifying them somewhat to make them work in China”.
The Resolution contains 11 clauses that establish requirements applicable to internet service providers (ISPs) and other businesses that collect… (read the whole story HERE).