South China Morning Post
Advertisement
Advertisement
Cybersecurity
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Tencent Holdings, Huawei Technologies Co, Ping An Insurance and ZTE Corp are among more than 20 major Shenzhen-based app operators that have committed to strengthen their user data security in line with China’s new Personal Information Protection Law. Photo: AP
TechPolicy

Tencent, Huawei, other major Shenzhen firms to bolster user data safeguards ahead of roll-out of new personal information law

  • More than 20 major Shenzhen-based companies, all of which operate popular apps, have pledged to boost their user data security
  • The commitment was made ahead of the implementation of China’s new Personal Information Protection Law on November 1
Cybersecurity
Jane Zhang
Jane Zhang
Why you can trust SCMP
More than 20 major Shenzhen-based companies, including video gaming and social media giant Tencent Holdings and telecommunications equipment maker Huawei Technologies Co, on Friday vowed to bolster user data safeguards ahead of the roll-out of China’s Personal Information Protection Law (PIPL) on November 1.
The companies, all of which operate popular apps used by consumers and businesses, pledged to abide by 10 initiatives that promote the “healthy and sustainable development” of the internet industry at a conference on Friday, organised by authorities in the tech hub known as China’s Silicon Valley, according to a report by local newspaper Shenzhen Special Zone Daily.

These initiatives prohibit the unnecessary collection of personal information, abuse of facial recognition data, invading personal privacy and price discrimination based on big data analyses.

Tencent and Huawei did not immediately respond to requests for comment on Saturday.

Other firms that made that commitment on Friday included Ping An Insurance, telecoms gear maker ZTE Corp and Huolala, the mainland Chinese operation of Hong Kong-based on-demand delivery and logistics services provider Lalamove.

07:30

Why China is tightening control over cybersecurity

Why China is tightening control over cybersecurity
Friday’s conference, the organisers of which were led by the Shenzhen branches of the State Administration for Market Regulation and the Cyberspace Administration of China, reflects the strong effort being made by some of China’s major tech companies to comply with the PIPL, one of the world’s toughest on personal data security, which has been compared to the European Union’s General Data Protection Regulation (GDPR).

Much like the GDPR, which came into effect in 2018 and imposed red lines on how companies handle personal data within Europe, China’s PIPL is also set to have a far-reaching impact on how businesses gather and use data in the country after it takes effect next month.

A key stipulation of the Chinese law, like GDPR, will be to empower individuals to decide whether to hand over their personal information to data processors. Both laws stipulate that personal information has to be collected and processed according to a transparent and rigid protocol.

A confluence of events have made this the ideal time for Beijing to take action on information security, of which data localisation is a big part. Policy objectives reflect both the need for better safeguards in the country, which has traditionally lagged in internet security standards, and Beijing’s desire for greater control over a once freewheeling digital sector.
China’s internet has long suffered from numerous cyberattacks and data leaks. Personal information such as phone numbers, national ID cards and facial recognition data have been easy to find on some of the country’s second-hand e-commerce platforms.
Post