Photo: IC Photo
China on Thursday published a draft of a document that would provide national standards for digital data collection, opening the door to greater protection for the country’s internet users.
The draft by the government-administered National Information Security Standardization Technical Committee would require app-makers to authorize access to their products once users hand over the minimum possible amount of personal data and permissions for the products to function. Users can also grant additional permissions but would not be required to do so.
The draft includes lists of the minimum information requirements of 21 kinds of internet services, including map navigation, ride-hailing, instant messaging, blogs and forums, online payment, news media, and online shopping. The lists include both personal information that is legally required, such as phone numbers and transaction records, and additional personal information needed for the services themselves.
The document would help to ensure that app developers don’t gain access to personal information unrelated to the nature of their services. For instance, it would allow a food delivery app to ask for your location, but not to have access to your photos.
Additionally, the draft would prevent apps from transferring or sharing personal data with external services without the owner’s permission. Apps would also not be allowed to collect device identifiers, such as IMEI codes or MAC addresses, for anything other than security purposes, according to the draft.