Businesses will get instructions on how to collect online information

Guidelines will be released this year instructing businesses to collect personal information only when absolutely necessary and to delete it immediately after use.

The non-binding guidelines, designed to protect online personal data, are pending final approval from the State Council. The draft was approved by the National Information Security Standard Technology Committee on Dec 30, the China Software Testing Center told China Daily on Thursday.

The center is a research institution affiliated to the top industry regulator, the Ministry of Industry and Information Technology.

"The committee passed the third draft of the guidelines last year," said Gao Chiyang, deputy director of the center. "They will be released this year."

Private information includes identity, property interests, family data, e-mails, browser history and search behavior, said Qi Xiangdong, president of Qihoo 360 Technology Co, an online security software maker.

China's Internet population has hit 513 million, the largest in the world, according to a China Internet Network Information Center report in January.

Although the guidelines are not compulsory, Gao said he hoped they will help raise awareness of online privacy and eventually pave the way for a comprehensive law to be adopted to protect personal information.

"Under the guidelines, data will only be collected for necessary use with consent, and the data should be deleted in a timely manner to avoid abuse," Gao said.

Data abuse was common, he said. For example, some websites continue to keep and display information even though it is no longer relevant.

However, many developed countries have introduced information protection legislation, Gao said. Even before the widespread use of computers, a personal information law was adopted in the United States in the 1970s. The European Union has also introduced legislation protecting personal information.

A report released by the China Software Testing Center last month said the security situation regarding personal information at 105 popular websites, including e-commerce websites Taobao, Amazon.com.cn and Chinese search engine Baidu Inc, wasn't "looking good".

About 60 percent of Chinese Internet users have experienced online data theft, said Liu Jiuru, deputy director of the Electronic Technology Information Research Institute at the Ministry of Industry and Information Technology.

Zhou Hanhua, one of the guideline's drafters, said China lacks a comprehensive law to protect privacy.

The current regulations on privacy protection fail to effectively supervise banks, hospitals and telecom companies, he said.

Although a draft law on privacy protection was published in 2005, the legislation has not been listed on the top legislature's agenda.

Contact the writers at tuoyannan@chinadaily.com.cn and zhaoyinan@chinadaily.com.cn