Your Cart

ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (China report)

On Sale
SGD0.00
Free Download
Added to cart
ABLI-FPF Convergences Series - Status of Consent for Processing Personal Data (China report)

Authors: 
Dominic Paulger, Policy Manager (APAC), Future of Privacy Forum, and Hunter Dorwart
Policy Counsel for Global Privacy, Future of Privacy Forum

Asian Business Law Institute and Future of Privacy Forum

May 2022

This report provides a detailed overview of relevant laws and regulations in China on:

●     notice and consent requirements for processing personal data;

●     alternative legal bases for processing personal data which permit processing of personal data without consent if the data controller undertakes a risk impact assessment (e.g., legitimate interests); and

●     statutory bases for processing personal data without consent, and exceptions or derogations from consent requirements in general and sector-specific laws and regulations.

Table of Contents 

1. INTRODUCTION 

2. CHINA’S DATA PROTECTION FRAMEWORK

    2.1. Civil Code

    2.2. Personal Information Protection Law (“PIPL”) 

    2.3. PI Security Specification (“Security Specification”) 

    2.4. Cybersecurity Law (“CSL”)

    2.5. Sectoral regulations and guidelines

          a. Financial services 
          b. Mobile applications
          c. Automotive sector

3. CONSENT AND PRIVACY SELF-MANAGEMENT IN CHINA’S DATA PROTECTION LAW 

4. CONDITIONS FOR CONSENT

    4.1. Definition and forms of consent 

          a. Security Specification
          b. PIPL
          c. Sectoral regulations .

    4.2. Withdrawal of consent

    4.3. Prohibition on bundled consent

          a. Security Specification
          b. “Core” versus "ancillary” business functions 

    4.4. Whether access to services may be conditional on consent

5. TRANSPARENCY AND NOTICE

6. CONSENT FOR SPECIAL CATEGORIES OR USES OF DATA

    6.1. Children 

         a. Security Specification
         b. PIPL
         c. Sectoral regulations

     6.2. Cookie, Internet of Things, Online Tracking

     6.3. Biometric data 

         a. Security Specification
         b. PIPL

     6.4. Genetic data

     6.5. Financial information

         a. Security Specification
         b. PIPL
         c. Sectoral regulations

      6.6. Location data

         a. Security Specification
         b. PIPL

7. CONSENT FOR CROSS-BORDER DATA TRANSFERS

     7.1. Cross-border transfer rules and security assessments

8. SANCTIONS AND ENFORCEMENT 

     8.1. Civil Code

     8.2. CSL

     8.3. PIPL

9. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT SUBJECT TO A RISK IMPACT ASSESSMENT

    9.1. Impact assessments under the PIPL

10. COLLECTING, USING, AND DISCLOSING DATA WITHOUT CONSENT IN OTHER CIRCUMSTANCES DEFINED BY LAW

   10.1. PIPL

   10.2. Security Specification 

   10.3. Other regulations

You will get a PDF (3MB) file
No products found