The App Governance Panel recently published a new draft of the Information Security Technology – Basic Specification for Collecting Personal Information in Mobile Internet Applications. Among other things, the new draft sets out requirements for apps that contain third-party codes or plug-ins which can collect personal data and revises the list of 'necessary' personal data for a variety of apps.
The App Governance Panel recently released a revised version of the Personal Information Security Specification for public consultation following the previous draft versions published in June and January 2019. The revised draft includes amendments regarding unsubscribing from online services and the obligations of data controllers and processors in that regard.
The topic of whether antitrust civil disputes are arbitrable has been hotly debated in China in recent years. There are few case law precedents in this regard and local courts have taken different positions regarding this issue. That said, the Supreme People's Court made its stance clear in a recent decision which found that an arbitration clause could not exclude the jurisdiction of Chinese courts in antitrust civil disputes.
The People's Bank of China recently issued the Trial Measures for the Protection of Personal Financial Information/Data (Preliminary Draft) to relevant commercial banks in order to solicit their opinions. It has been reported that under the trial measures, banks and other financial institutions will be unable to obtain personal financial information from third parties that are illegally engaged in personal credit investigation activities.
A violation of the notification or standstill obligation is commonly called 'gun jumping' and can have significant legal consequences. This article examines Canon's acquisition of Toshiba Medical and the legal consequences of gun jumping in China, as well as the risks of implementing a transaction 'by steps' to circumvent the standstill rules. Recent strengthened enforcement measures are also briefly examined.
The Ministry of Industry and Information Technology recently published the Guiding Opinions on Promoting the Development of the Network Security Industry for public comment. According to the opinions, the ministry aims to have a number of cybersecurity enterprises generating an annual revenue of over Rmb2 billion by 2025. As such, the opinions provide a list of recommendations to that end.
The Ministry of Education and seven other authorities recently published the Opinions on Guiding and Regulating the Orderly and Healthy Development of Educational Apps. The aim is that all educational mobile apps will be registered by the end of 2019. To this end, providers of such apps must file details of their apps with provincial education administrations and adhere to data protection rules.
The Cyberspace Administration of China recently published the draft Regulations on Network Eco-governance for public consultation. The regulations apply to the actions of network information content producers, network information content service platforms and network information content service users, which are prohibited from producing illegal or harmful information.
The draft Civil Code was recently submitted to the Standing Committee of the 13th National People's Congress for a third reading. Compared with the first and second drafts, the third draft expands the scope of the definition of 'personal information' to cover email addresses and location information.
The final version of the Provisions on the Cyber Protection of Personal Information of Children recently came into effect. According to the provisions, network operators must formulate separate rules and user agreements to protect children's personal information and designate a dedicated person to oversee the protection of such information.
The Ministry of Industry and Information Technology and nine other authorities recently published the Guiding Opinions on Strengthening Industrial Internet Safety in the context of establishing China's industrial internet security guarantee system. According to the opinions, the industrial internet security guarantee system should be established by the end of 2020 and be a sound and reliable mechanism by 2025.
The State Administration for Market Supervision recently promulgated the Interim Provisions for Prohibiting Monopoly Agreements. Although the draft provisions introduced a safe harbour clause for non-IP-related monopoly agreements, this has been removed from the final version. As debate continues as to whether to introduce a safe harbour clause to Chinese legislation, this article examines the history of the safe harbour rule and the potential reasons why it would not apply to all monopoly agreements.
The Cyberspace Administration of China recently released the Cybersecurity Review Measures (Draft for Comment). According to the draft, where an operator of critical information infrastructure purchases a network product or service, it must make an ex ante assessment of the potential security risks that could emerge once the product or service is put into operation and produce a security report accordingly.
The Cyberspace Administration of China recently issued the Administrative Measures for Data Security (Draft for Comment), which include rules on the collection, storage, transfer, processing and use of data in China via websites, as well as data protection and management. Among other things, the draft measures encourage network operators that collect personal information through websites, apps and other products to formulate specific rules regarding the collection and use of such information.
The Cyberspace Administration of China recently held a public consultation on the Provisions on the Cyber Protection of Personal Information of Children (Draft for Comment). The draft provisions set out a number of recommendations for network operators, including formulating special rules to protect children's personal information and user agreements and employing a personal information protection specialist or designating personnel to oversee the protection of children's personal information.
For foreign investors with an eye on the Chinese insurance market, obtaining an insurance intermediary licence is a good idea. However, compared with insurance brokerage licences, insurance agency licences are difficult for foreign investors to obtain. Therefore, foreign investors that wish to acquire control over a Chinese insurer should consider either setting up a new foreign-invested insurer or acquiring an existing foreign-invested insurer.
The Cyberspace Administration of China recently released the Measures on Security Assessment of Cross-Border Transfer of Personal Information (Draft for Comment). According to the draft, network operators must apply to the provincial-level cyberspace administration for a security assessment before conducting cross-border transfers. Further, network operators must record all cross-border transfers and retain the records for at least five years.
During the past five years, the Chinese courts and arbitration institutions have handled major disputes relating to reinsurance contracts. These cases prompted legislation in the reinsurance sector and drew attention to the need for more careful wording in reinsurance contracts. This article provides an overview of several essential provisions in reinsurance contracts under Chinese law.
The Ministry of Commerce of China recently announced the establishment of an Unreliable Entity List (UEL) targeting foreign entities and individuals that (among other things) fail to comply with the principles of the market economy or threaten China's national security. It is anticipated that the UEL will rely heavily on the Anti-monopoly Law, especially in relation to foreign entities with a noticeable market presence in China.
The China Banking and Insurance Regulatory Commission was recently formally unveiled in Beijing, marking the official launch of the new regulatory authority. This merger of the former China Banking Regulatory Commission and China Insurance Regulatory Commission is the biggest reform of China's financial regulatory system in more than 15 years and marks the start of the 'one committee, one bank, two commissions' regulation framework.