China’s Lawmakers Plan to Make Personal Data Portable Across Platforms

China’s top lawmakers are considering amending personal information protection legislation to allow people to more easily transfer their online information across platforms, a move that could reduce the information monopolies of leading internet firms.

The revised draft of the Personal Information Protection Law has been submitted to the ongoing session of the Standing Committee of the 13th National People’s Congress (NPC), China’s top legislature, for a third round of review (link in Chinese), usually the last stage before a law is passed, a statement published on the NPC website said Tuesday.

The latest draft highlights mobile applications’ handling of personal data in relation to issues such as excessive collection of personal data, and illegal trading and leakage of such information, the statement said.

It also includes a provision on the right to personal information portability. This stipulates that personal information processors should provide the means to people who want to transfer their information, as long as the requests comply with China’s Cyberspace Administration regulations, the statement said.

The right to data portability was first raised in the European Union’s General Data Protection Regulation, which allows people to obtain “structured, commonly used, machine-readable” data from a data controller and to be free to reuse or transmit it to another controller.

Legal industry insiders said that if the provision is adopted, it will contribute to preventing enterprises from taking advantage of data to form a monopoly. It will also enhance people’s decision-making power over their personal information, they said.

As China’s first specific personal information protection law, it had already caused widespread discussion after its first and second reviews last October and this April. An expert told Caixin that many internet companies expressed opposition to the aspect of portability being included in the national law.

They were concerned that customers would transfer their personal data, regarded as an important asset by these companies, to their competitors.

Implementing such a provision might increase the cost for internet companies, such as adding workload or causing them to lose their customers, said Shi Jiayou, a law professor at Renmin University in Beijing.

Shi added that stipulating the right to data portability will promote information sharing and circulation and prevent forming “isolated data islands.” It will also strengthen the protection of individuals’ rights to control and use their personal information.

He cited as an example people’s right to change their phone’s telecom carrier while keeping their original phone numbers.

This was echoed by Xiong Dingzhong, director of a Beijing-based law firm. Xiong said including the provision would prevent the building of a new large-scale data monopoly platform that has a “very strong” link with the current tightened regulation on internet giants.

Citing violations of users’ rights, China’s top telecom regulator in May ordered the removal of 90 apps from various app stores in the latest crackdown on online privacy breaches, including the U.S.-listed travel agency Tuniu Corp. and LinkedIn-like career platform Maimai.

And in the first seven months last year, more than 8,000 apps and 478 companies were penalized by regulators for violating data collection rules.

Although it remains unclear when the new law will come into force, it will be passed this week during the NPC meeting, Caixin has learned from analysts. The NPC Constitution and Law Committee has suggested the amendments be adopted (link in Chinese) at the meeting, according to a separate statement issued Tuesday.

Contact reporter Wang Xintong (xintongwang@caixin.com) and editor Lu Zhenhua (zhenhualu@caixin.com)

Download our app to receive breaking news alerts and read the news on the go.

Get our weekly free Must-Read newsletter.