On APR 22, the Legislative Affairs Committee of the National People's Congress held a press conference, on which, the spokesperson Zang Tiewei introduced the modification information of the drafts of the Data Security Act (Second Draft for Review) and the Personal Information Protection Act (Second Draft for Review) to be reviewed on APR 26-29.
The Spokesperson of the Legislative Affairs Committee of the National People's Congress Disclosed the Modification Contents of the Data Security Act and the Personal Information Protection Act (Second Drafts for Review).
On APR 22, the Legislative Affairs Committee of the Standing Committee of the National People's Congress held a press conference, on which, the spokesperson Zang Tiewei introduced the main information of the bill of acts to be reviewed on the 28th conference of the 13th Standing Committee of the National People's Congress to be held on APR 26-29, and answered the questions of the reporters related to the Personal Information Protection Act. The followings are relevant contents extracted from the memoir of the speech:
[Zang Tiewei] (APR 22, 2021 10:10:02)
About the draft of the Data Security Act (Second Draft for Review). In June 2020, the 20th conference of the Standing Committee reviewed the draft of the Data Security Act for the first time. According to the opinions from all parties, the second draft for review of the draft reviewed by the Standing Committee was submitted for the following modifications: First, to perfect the meanings of the terms in the draft, such as data security. Second, to perfect the data grading and classification and important data protection system. Third, to enrich the data outbound safety management regulations for data.
[Zang Tiewei] (APR 22, 2021 10:12:34)
About the draft of the Personal Information Protection Act (Second Draft for Review). In October 2020, the 22nd conference of the Standing Committee reviewed the draft the Personal Information Protection Act for the first time. According to the opinions from all parties, the second draft for review of the draft reviewed by the Standing Committee was submitted for the following modifications: First, to perfect the principles by which the personal information processing shall abide for prominent problems at present, e.g., personal information is excessively collected. Second, to perfect and enrich the principles for processing personal information legally, withdrawing the consent, automating the decision, providing personal information crossing the border, etc. Third, to add provisions on personal information protection for the deceased. Forth, to specify relevant responsibilities of the national cyber security and IT application department to promote the personal information protection work. Fifth, complete the civil legal liabilities for the infringement of the personal information rights by linking up relevant provisions in the Civil Code.
[China Media Group Reporter] (APR 22, 2021 10:59:44)
At present, illegal collection, excessive collection and forced collection of personal information are common, and several enterprises were exposed on CCTV "3•15" Evening Party this year to have the circumstances of revealing and misusing the personal information of citizens for profit-making. For various chaotic phenomena occurring during the collection and use links of the personal information, how would the Personal Information Act protect the personal information of the citizens legally. Thank you!
[Zang Tiewei] (APR 22, 2021 11:01:30)
The personal information protection concerns the immediate interests of the broad masses of the people. In October, 2020, the draft of the Personal Information Protection Act submitted to the Standing Committee of the National People's Congress for the first review further perfected relevant systems and norms based on associated laws for outstanding problems in the area of personal information protection: First, to establish principles by which the personal information processing shall abide, emphasizing that the personal information processing shall use legal and proper methods, have definite and reasonable purposes, be limited to the minimum range for realizing the processing purpose, and take necessary security measures, etc., And these principles shall run through all the links of the whole process of personal information processing. Second, to set up a series of rules for personal information processing focusing on "Inform - Consent", requiring that the processing of personal information shall obtain the consent of individuals prior to being fully informed, and the products or services shall not be rejected to provide due to the disapproval of individuals. Third, to establish special sections to set up stricter limitations for the processing of sensitive personal information, the processing of sensitive personal information can only be conducted in situations having special purposes and sufficient necessities, shall obtain the independent consent or written consent from the individuals and shall have risk assessment in advance. Forth, definitely specify the rights of individuals in the personal information processing activities, including the right to know, right to make decisions, right to query, right to correct, right to delete, etc., and enhance the obligations of the personal information processors in compliance management and personal information security assurance. Fifth, set up strict administrative and civil legal liabilities. Focusing on the protection of the personal information rights and the strict regulation of the personal information processing activities, the above-mentioned laws and regulations will provide powerful legal protection for the prevention and control of the illegal collection and use of the personal information.
If you need more information, please contact us at
assitant@bestao-consulting.com