Global EditionASIA 中文双语Français
China
Home / China / Society

Security tightened for transfer of personal info

By Zhao Lei | China Daily | Updated: 2019-06-14 09:13

Internet service providers in China will be put under tighter scrutiny when they handle overseas transfers of personal information, according to a draft regulation of the Cyberspace Administration of China.

The introduction of the regulation, tentatively called the Assessment Regulation on the Security of Personal Information's Overseas Uses, is intended to better safeguard internet users' rights, national security, public interests and cyberspace sovereignty, the administration said in a statement on Thursday, while calling for opinions and suggestions to improve the draft.

Based on the Network Security Law, the draft requires internet service operators to conduct security screening on personal information gathered in their operations within Chinese borders. Any transfer of information that is likely to affect national security, public interests or personal information security is banned by the document.

The draft regulation stipulates that internet service providers must submit the result of the screening to provincial-level cyberspace departments. Operators will also be ordered to provide their contracts with overseas recipients of personal information.

Provincial-level cyberspace authorities will scrutinize the material submitted by operators and check whether their overseas businesses are law-abiding, whether their contracts are capable of protecting personal information and whether the personal information they handle is legitimate. They will also check whether they have poor records concerning personal information operations or have had major cybersecurity incidents.

Internet service providers handling personal information will need to set up a database of their overseas business records, and keep such records for at least five years, according to the draft regulation.

The records will include the identity, contacts and addresses of overseas recipients, the types, quantities and the level of sensitivity of the information to be transferred, and other content selectively required by cyberspace authorities, the draft says.

Cyberspace departments will have the power to request operators suspend or stop the transfer of personal information to overseas parties if there is a massive leak or abuse of the information, or if the information is considered at risk.

Hong Yanqing, a researcher on cyberspace operations at Peking University, said that leaking, illegal transfer or misuse of personal information are all highly prone to personal and asset security breaches and therefore must be handled in a secure and appropriate manner.

Li Jianling, a senior researcher on cybersecurity at the Ministry of Public Security, said information is not only a commercial resource but also a national strategic resource. He said Western nations have paid great attention to the protection of personal information.

Top
BACK TO THE TOP
English
Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
License for publishing multimedia online 0108263

Registration Number: 130349
FOLLOW US