Legacy Stories are stories that were conceptualised in September 2021, before the timeline was on Tiki-Toki, let alone GitHub. The story in its current form lives here. And you are very welcome to share any thoughts you have on how this story can be improved by commenting below!
Title
Legacy story: Personal Information Protection Law in China
The PIPL takes effect in China, protecting individuals' data.
Justification
Unformed Thoughts
The GDPR continues to be a strong benchmark for the development of new data protection regulations. China’s Personal Information Protection Law (PIPL), in effect since November 2021, draws on various definitions from the GDPR. Amongst them, we have consent, which must be informed and given freely and through clear action, and can be withdrawn. However, Ke et al. note a difference in this respect:
“[…] The PIPL requires a separate consent for certain processing activities, namely if a processing entity (i) shares personal information with other processing entities; (ii) publicly discloses personal information; (iii) processes sensitive personal information; or (iv) transfers personal information overseas (Articles 23, 25, 29 and 39)” (Ke et al., 2021).
Legacy Stories are stories that were conceptualised in September 2021, before the timeline was on Tiki-Toki, let alone GitHub. The story in its current form lives here. And you are very welcome to share any thoughts you have on how this story can be improved by commenting below!
Title
Legacy story: Personal Information Protection Law in China
Date or Period 📅
Effective 01-Nov 2021.
Elevator Pitch
The PIPL takes effect in China, protecting individuals' data.
Justification
Unformed Thoughts
The GDPR continues to be a strong benchmark for the development of new data protection regulations. China’s Personal Information Protection Law (PIPL), in effect since November 2021, draws on various definitions from the GDPR. Amongst them, we have consent, which must be informed and given freely and through clear action, and can be withdrawn. However, Ke et al. note a difference in this respect:
“[…] The PIPL requires a separate consent for certain processing activities, namely if a processing entity (i) shares personal information with other processing entities; (ii) publicly discloses personal information; (iii) processes sensitive personal information; or (iv) transfers personal information overseas (Articles 23, 25, 29 and 39)” (Ke et al., 2021).