Caixin
Nov 03, 2021 05:35 PM
FINANCE

Full Text: PBOC Chief Yi Gang on Protecting Personal Data From Big Tech

People’s Bank of China Governor Yi Gang. Photo: VCG
People’s Bank of China Governor Yi Gang. Photo: VCG

Yi Gang, governor of the People’s Bank of China, spoke about China’s legal framework to protect personal data from big tech companies on Wednesday at the Hong Kong FinTech Week 2021. Below is the official transcript of his speech.

I’m glad to participate in the Hong Kong Fintech Week, and share with you some of my observations on personal data protection.

With the rapid development of fintech, the issue of personal data protection has come to the fore.

Fintech has developed rapidly over the past decade. Technologies such as AI (A), big data (B), cloud computing (C), distributed ledger (D) and e-commerce (E) have been increasingly integrated into the financial sector, making financial services more inclusive, convenient and efficient.

Big data is at the heart of the above-mentioned technologies. The companies that have large data traffic could accumulate data, and acquire new customers. They could enjoy steady data flow if customers remain loyal. As a result, big techs have increasingly gained an upper hand in assessing, using and storing data.

And that leads to the issue of personal data protection. Protection of personal privacy is a must, when each and every move of us has a record in data. Some big techs have either collected data without permission or misused them. There are also cases of customer data leakage. Therefore, it is urgent to strengthen personal data protection.

Drawing on international experiences, we have strengthened personal data protection.

Many jurisdictions have adopted legislation to protect personal data. For example, the EU issued the General Data Protection Regulation (GDPR) in 2018, which defines the rights of individuals and the responsibilities of data processing entities. The GDPR provides a useful reference for other economies.

China attaches great importance to data protection legislation. Relevant laws and regulations were issued as early as 1992, which laid out obligations of financial institutions in protecting customer data. This year, the Data Security Law and the Personal Information Protection Law were promulgated in June and August, respectively. A legal framework for personal data protection has taken shape.

Personal data protection is also high on the agenda of the People’s Bank of China (PBOC). Since 2005, the PBOC has introduced regulations on data protection in the areas of anti-money laundering, consumer protection and credit information. Recently, we have focused on cracking down on excessive collection of consumer data and “unfair clauses,” which require consumers to hand over personal information in exchange for financial services. At the same time, financial institutions are required to collect, use and store information for legitimate purposes and in strict accordance with the principles of lawfulness and minimum necessity, to protect privacy when using personal information for commercial purposes.

On Sept. 30, the PBOC issued the Administrative Guideline for the Credit Information Business. It defines personal credit information, and regulates credit information business, from data collection to processing and sharing. Fintech companies are also required to carve out their personal credit information units, and provide such services to financial institutions through licensed entities.

Going forward, we will continue to improve the legal framework for personal data protection in the financial sector and strengthen regulation accordingly.

Lastly, let me share some thoughts with you on strengthening personal data protection.

First, a sound legal and regulatory framework is the cornerstone of personal data protection. With a legal system up and running, regulation will be carried out by government agencies in China on a level ground in accordance with law.

Second, the ultimate purpose for data protection is to promote its proper usage. On the premise of protecting personal privacy, we will try to define data ownership in a more accurate manner, facilitate data transactions and promote fairer use of data, to unleash the vitality and innovation capacity of market players.

Third, data protection calls for international cooperation. Given the cross-border, cross-sector and cross-region nature of fintech, national authorities, including the legislative, the judicial and the administrative bodies, should strengthen domestic and international coordination in such fields as antitrust, data and consumer protection. In particular, we should join hands to set standards for personal data protection.

Download our app to receive breaking news alerts and read the news on the go.

Get our weekly free Must-Read newsletter.

You've accessed an article available only to subscribers
VIEW OPTIONS
Share this article
Open WeChat and scan the QR code
NEWSLETTERS
Get our CX Daily, weekly Must-Read and China Green Bulletin newsletters delivered free to your inbox, bringing you China's top headlines.

We ‘ve added you to our subscriber list.

Manage subscription