China’s new Personal Information Protection Law (PIPL)

China’s impetus to regulate the use of personal data is less about protecting individuals’ right to privacy, as it is understood in the West, as it is preserving national security and social order.

International companies using Chinese citizens’ data could therefore become “targets” in geopolitical tussles.

If a company outside of China conducts processing activities, the PIPL requires that it set up a special institution or designate a representative in China for handling personal information protection matters, and report the name and contact details of such institution or representative to the Chinese authorities.

Violations of the PIPL may lead to an administrative fine of up to RMB 50 million or 5% of the processor’s turnover in the last year (it is unclear if this is local or global). Other penalties include order for rectification, warning, confiscation of illegal gains, suspension or cessation of service, cessation of operation for rectification, and revocation of operating permits or business licenses. The person-in-charge or other directly liable individuals may also be individually liable and fined or prohibited from acting as directors, supervisors, senior managers or personal information protection officers.

Will your company be PIPL compliant by November 1, 2021?
  • Yes
  • Need more time to implement changes
  • Not processing personal data from Chinese citizens
  • First time I heard about it

0 voters

Im not at all familiar with it. But can say a hard NO with cooperating with that governments requests. Ever. Rather lose the clients and contracts than sell my soul to those evil doers :slight_smile: