EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

China’s draft Personal Information Protection Law

Lothar Determann, Zhenyu (Jay) Ruan, Tingting Gao and Jonathan Tam
Additional contact information
Lothar Determann: Partner, Baker McKenzie, USA
Zhenyu (Jay) Ruan: Baker McKenzie FenXun (FTZ) Joint Operation Office, China
Tingting Gao: Baker McKenzie FenXun (FTZ) Joint Operation Office, China
Jonathan Tam: Senior Associate, Baker McKenzie, USA

Journal of Data Protection & Privacy, 2021, vol. 4, issue 3, 235-259

Abstract: In October 2020, China published a draft of the Personal Information Protection Law of the People’s Republic of China (PRC) for public comment. The draft law is intended to be the first consolidated and comprehensive law targeting the protection of personal information in China. If enacted in its current form, the law would introduce a suite of obligations that apply to organisations in both the private and public sectors and individuals that process Chinese residents’ personal information. The scope, structure and substance of the draft law not only resemble that of the European Union (EU) General Data Protection Regulation (GDPR) in a number of key ways but also diverge from the GDPR in many respects. The draft Chinese law also has some similarities with various US privacy laws, although the United States has not enacted a comprehensive federal privacy law that applies across the country. Despite the variations among the regimes of China, the EU and the United States, organisations that do business in these geographies can leverage the privacy compliance programmes they may have established for the United States and EU to prepare for the implementation of the draft Chinese Personal Information Protection Law. This paper summarizes the key requirements of the draft Chinese law and provides high-level observations regarding its similarities to and differences from the GDPR and key US privacy laws.

Keywords: China; PRC; Personal Information Protection Law of the PRC; PRC Cybersecurity Law; PRC Data Security Law; Chinese privacy laws; Cyberspace Administration of China; comparative analysis; EU General Data Protection Regulation; California Consumer Privacy Act; Virginia Consumer Data Protection Act; US Health Insurance Portability and Accountability Act (search for similar items in EconPapers)
JEL-codes: K2 (search for similar items in EconPapers)
Date: 2021
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/6394/download/ (application/pdf)
https://hstalks.com/article/6394/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:jdpp00:y:2021:v:4:i:3:p:235-259

Access Statistics for this article

More articles in Journal of Data Protection & Privacy from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:aza:jdpp00:y:2021:v:4:i:3:p:235-259