China’s New Data Privacy Law Doesn’t Protect People Against the Biggest Threat: The Government
Over the last few years, China has established thousands of checkpoints in its western provinces, designed to surveil the ethnic minorities who must scan their IDs (and faces) regularly so their every movement can be tracked. China now also apparently cares very deeply about protecting citizens’ data, this week passing a strict new privacy law designed to protect consumers from data collection by large tech companies.
Casting aside for a moment the jarring incongruity of a government fixating on data collection by big tech companies while ignoring its own authoritarian trampling on citizens’ privacy rights, it’s worth noting that the law, called the Personal Information Protection Law (PIPL), necessarily weakens big tech companies, forcing onerous regulations that they will now have to comply with.
While many observers have drawn comparisons between PIPL and Europe’s General Data Protection Regulation (GDPR), the benefit to consumers may be a mixed bag if GDPR is any example. Europe’s consent-based frameworks (where most consumers just read through yet another set of mumbo-jumbo legalese disclosures before robotically clicking “agree”) sometimes fail to provide enhanced data privacy. Amusingly with GDPR, “a company that lacks the consent for their current data practices could also lack the consent to email people to gain their consent,” Andrea O’Sullivan wrote for Reason back in 2018.
Still, limiting what data companies may collect and what said companies can do with the data once collected could feasibly be a boon to consumers—although China’s law predictably contains large carveouts for the government to violate people’s privacy for ill-defined national security purposes. PIPL—which is quite popular among Chinese consumers, who, like their Western counterparts, are in the throes of a nascent techlash moment—prohibits excessive collection of consumer data; requires that sensitive information be stored in China; requires that facial recognition surveillance tech be explicitly marke
Article from Latest – Reason.com