Weblog with daily updates of the news on a frugal, fair and beautiful China, from the perspective of internet entrepreneur, new media advisor and president of the China Speakers Bureau Fons Tuinstra
China’s tech firms have faced US listing limitations on both US and China regulations. China lawyer Mark Schaub look at the new issues tech firm face on data, privacy, VIE’s, and other regulations for listing in the US at the vlog of his law firm KWM.
China has issued a wide range of new rules on cybersecurity, data exchange, and consumer protection that will define the development of smart cars, says China-lawyer Mark Schaub in an extensive analysis of the recent regulations, at Lexocology.
Mark Schaub:
China has established its main legal regime in regulating cybersecurity, data security and personal information protection with the promulgation of Cybersecurity Law, the Data Security Law and PIPL. Smart cars will be collecting, processing and transferring data at levels previously undreamt of. However, such activities will prove to be a great challenge to the Chinese regulators. Following the effectiveness of the Data Security Law, the PIPL and the Management Provisions, we expect to see enforcement against some major players to make it clear that China will enforce data security and personal information protection. Companies that will be affected should consider the following: (1) Consider data security issues in the process of designing, producing, selling, operating, maintaining and managing cars, and reduce the amount of data collected and stored in car to the greatest possible extent.(2) While using big data for commercial operations, safeguard the users’ right to know and implement technical safeguards to desensitize and anonymize data, as well as preventing misuse or unauthorized third-party access.(3) Multinational companies or Chinese companies with R&D centers outside China should consider implementing localized storage as soon as possible by establishing data centers within China and enhancing local R&D capabilities in China.(4) Finally, companies would be well advised to conduct a systematic review and assessment of the current state of their data handling. Business operations that clearly do not comply with the requirements of the Management Provisions should be adjusted in a timely manner.
China’s legislators have set another step in regulating data security, this time for the automotive industry, by publishing a draft for comments. China-lawyer Mark Schaub gives an overview of the plans for the China Law Insight. “Companies would be well advised to conduct a systematic review and assessment of the current state of their data handling,” he concludes.
Mark Schaub:
China has continuously strengthened legislation and regulation on cybersecurity, data security and protection of personal information protection.
Automated driving and smart cars will be a major challenge to the Chinese regulators. Smart cars will be collecting, processing and transferring data at previously undreamt of levels. The authorities will need to balance the convenience of automated technology against cybersecurity and privacy concerns. China is accelerating its pace of promulgating laws, regulations, policies and standards to nurture the intelligent vehicle industry but at the same time have in place regulations to ensure such technologies are safe.
The Draft strengthens the protection of personal information and secures data in China’s automotive industry.
However, we believe that some provisions of the Draft require clarification and there is also room for improvement as to how the Draft fits in with other laws. Big data is an important basis for the rapid development of self-driving cars and China’s automotive industry but a balance must be struck between technological innovation and data security. [2]
The Draft will affect almost all players engaged in the automotive industry. Companies that will be affected should keep a close eye on the legislative process of the Draft and start making preparations now to minimize disruption to their operations. In particular:
Consider data security issues in the process of designing, producing, selling, operating, maintaining and managing cars, and reduce the amount of data collected and stored in car to the greatest possible extent.
While using big data for commercial operations, safeguard the users’ right to know and implement technical safeguards to desensitize and anonymise data, as well as preventing misuse or unauthorized third-party access.
Multinational companies or Chinese companies with R&D centres outside China should consider implementing localized storage as soon as possible by establishing data centres within China and enhancing local R&D capabilities in China.
Finally, companies would be well advised to conduct a systematic review and assessment of the current state of their data handling. Business operations that clearly do not comply with the requirements of the Draft should be adjusted in a timely manner. The companies should also consider formulating internal mechanisms and systems that comply with the Draft as soon as possible. Although the Draft has not come into force it is a clear indication of the Chinese authorities’ intent and clear direction as to where the policy is going.
China is gettings its digital agenda for its legislation in order, especially the protection of users’ privacy, writes China-lawyer Mark Schaubon the China Law Insight. He looks at the call for comments on the Interim Provisions on the Administration of Personal Information Protection of Mobile Internet Apps.
Mark Schaub:
The mobile phone is likely to be the greatest point of vulnerability for Chinese consumers. Apps collect (often surreptitiously) massive amounts of data with the Chinese consumer having little inkling as to the purpose or extent to which their data is being processed and shared.
The Provisions signal a very welcome recognition that privacy on devices is important to safeguard privacy rights in real life. The Provisions recognize that standardization of measures and regulations are important so that there is a unified approach by the authorities.
The Provisions set common sense safeguards for personal information and, more importantly, also set out real life means by which to take action against errant Apps.
Although, the Provisions are being circulated for public comment it is unlikely that this will lead to any provisions being watered down. More likely, in the near future, the implementation of the Provisions, accompanied by the introduction of the Personal Information Protection Law, will provide a multi-layered legal system with sufficient teeth to protect personal information in China.
Privacy concerns, marketing and local regulations on data security are just a few of the barriers China’s tech companies face when they want to go global, says seasoned VC William Bao Bean at the China Technode Emerge 2020 conference in Shanghai last week. Geopolitical tension are way overrated as possible hurdles, he adds, according to Technode.
Technode:
2020 has been a tough year for Chinese tech companies selling to overseas markets. In India, local authorities banned a total of 177 Chinese apps in June and September following border clashes between the two countries. In the US, the Trump administration announced impending bans on short video app Tiktok and instant-messaging app Wechat, which are among the most successful Chinese apps in international markets. Chinese telecommunications equipment maker Huawei is facing increasing restrictions on supplying gear for Western countries’ next-generation 5G networks.
Beyond geopolitical tensions, Chinese tech companies expanding overseas also face obstacles in the form of privacy regulations, marketing, and localization, William Bao Bean, general partner at investment firm SOSV, said during the opening panel at the Shanghai event.
“The challenge for entrepreneurs going across the border is actually trying to understand what you can do and what you cannot do,” Bean said.
The lack of regard for privacy has led to some of the problems Chinese tech companies face in markets like Europe and the US because of stricter local regulations on data security, Bean explained.
“You have to adapt to the local market. You have to follow the local law. And half the time, people [startups] don’t even know that they’re breaking the law when they go across the border,” he said…
Chinese venture capital (VC) funds may find it difficult to raise money from US pension funds, said Bean. But he believes that the hurdles faced by VCs are not affecting Chinese startups. “That’s a money problem, not a startup problem,” he said.
“China has got the number-two largest VC industry in the world in terms of the amount of funds put in startups and it’s actually easier for Chinese companies to raise money from China,” he said.
Bean said that Chinese tech companies should see Southeast Asia as their next destination in their global expansion plans to avoid regulatory uncertainties in Europe and India.
“Southeast Asia has a lot of the same challenges, problems, or opportunities that China had 10 years ago. It’s a mobile-first market. So people’s first or only experience with the internet is on a smartphone, which is very similar to China,” he said.
Bean said he couldn’t be sure whether or not there will be more Chinese tech companies facing global regulatory backlash like Huawei and Tiktok, but he is optimistic that this would not stop Chinese startups from going overseas.