Personal Information Protection Law of the People's Republic of China
The Personal Information Protection Law of the People's Republic of China (Chinese: 中华人民共和国个人信息保护法; pinyin: Zhōnghuá rénmín gònghéguó gèrén xìnxī bǎohù fǎ) referred to as the Personal Information Protection Law or ("PIPL") protecting personal information rights and interests, standardize personal information handling activities, and promote the rational use of personal information. It also addresses the transfer of personal data outside of China.
Personal Information Protection Law of China
People's Republic of China excluding China's Special Administrative Regions
August 20, 2021
November 1, 2021
The PIPL was adopted on August 20, 2021, and is effective November 1, 2021.[1] It is related to, and builds on top of both China's Cybersecurity Law ("CSL") and China's Data Security Law ("DSL").[2]: 131
A reference English version was published on December 29, 2021.
History[edit]
On August 20, 2021, the Standing Committee of the 13th National People's Congress passed the Private Information Protection Law or ("PIPL"). The law, which took effect on November 1, 2021, applies to the activities of handling the personal information of natural persons within the borders of the China.
In comparison to countries in the West, China has developed its privacy laws over time at a slower pace. In recent years, though, China has more actively developed regulations, as the nation is considered a “global cyberforce.” China’s policies differ from Western nations, in that their perception of privacy is different due to historical and cultural reasons.[3]
During the drafting process, the European Union's General Data Protection Regulation ("GDPR") was used as a model and in some areas, PIPL closely tracks the GDPR.[2]: 252