More than 20 major Shenzhen-based companies, including video gaming and social media giant Tencent Holdings and telecommunications equipment maker Huawei Technologies Co, on Friday vowed to bolster user data safeguards ahead of the roll-out of China’s Personal Information Protection Law (PIPL) on November 1.
The companies, all of which operate popular apps used by consumers and businesses, pledged to abide by 10 initiatives that promote the “healthy and sustainable development” of the internet industry at a conference on Friday, organised by authorities in the tech hub known as China’s Silicon Valley, according to a report by local newspaper Shenzhen Special Zone Daily.
These initiatives prohibit the unnecessary collection of personal information, abuse of facial recognition data, invading personal privacy and price discrimination based on big data analyses.
Tencent and Huawei did not immediately respond to requests for comment on Saturday.
Other firms that made that commitment on Friday included Ping An Insurance, telecoms gear maker ZTE Corp and Huolala, the mainland Chinese operation of Hong Kong-based on-demand delivery and logistics services provider Lalamove.
Friday’s conference, the organisers of which were led by the Shenzhen branches of the State Administration for Market Regulation and the Cyberspace Administration of China, reflects the strong effort being made by some of China’s major tech companies to comply with the PIPL, one of the world’s toughest on personal data security, which has been compared to the European Union’s General Data Protection Regulation (GDPR).
Much like the GDPR, which came into effect in 2018 and imposed red lines on how companies handle personal data within Europe, China’s PIPL is also set to have a far-reaching impact on how businesses gather and use data in the country after it takes effect next month.
A key stipulation of the Chinese law, like GDPR, will be to empower individuals to decide whether to hand over their personal information to data processors. Both laws stipulate that personal information has to be collected and processed according to a transparent and rigid protocol.
A confluence of events have made this the ideal time for Beijing to take action on information security, of which data localisation is a big part. Policy objectives reflect both the need for better safeguards in the country, which has traditionally lagged in internet security standards, and Beijing’s desire for greater control over a once freewheeling digital sector.
China’s internet has long suffered from numerous cyberattacks and data leaks. Personal information such as phone numbers, national ID cards and facial recognition data have been easy to find on some of the country’s second-hand e-commerce platforms.