China’s new Personal Information Protection Law (PIPL) took effect during November 2021 changing the private data protection landscape in China and beyond the country’s borders. The law restricts companies (but, notably, not the government) from collecting and using consumer data, impacting companies both in and outside of China.
The PIPL specifies the scope of personal information; clarifies the legal bases for processing personal information; lays down the obligations and responsibilities imposed on processors; and imposes stringent requirements on data.
Considering implications of data protection policy and of the lack of a comprehensive U.S. policy for Digital Journal is Lynn Raynault, co-founder and president of cybersecurity startup Hush. Hush uses artificial intelligence to assess users’ digital footprints, eliminating any information that could be used as a threat.
Raynault says that: “Chinese consumers are aware of the importance of their digital privacy. The Chinese government is utilizing consumer demand to create laws on data limitations for companies, similar to the European Union’s General Data Protection Regulation (GDPR).”
For this there is a contrast with the U.S., especially in the way that people perceive data. As Raynault states: “American consumers have the exact opposite belief around consumer data: In America, we accept that corporations will hold and sell our data, yet hold the government accountable for what it knows about us.”
In a sense, China is being more progressive in its approach. According to Raynault: “The PIPL law puts the Chinese government ahead of the U.S. in protecting the privacy of its citizens. The irony here should not be lost on anyone…”
Raynault is of the view that consumers need to be guarded about what happens to their data. She states: “While laws like PIPL and GDPR focus on commercialized data, we should be more worried about data that can be weaponized.”
As an example, Raynault cites: “The last few digits of your social security number combined with your mother’s maiden name or the name of the street you grew up on, expose you to threats like identity theft or unemployment fraud.”
Things can go further too: “Add to this pictures of your home on Zillow or your child’s first day of school pic on social media (with their teacher’s name, school name, age, favorite color, etc.) that data can be very troublesome.”
Raynault remains concerned about how personal details online that can be used against consumers by hackers and bad actors. Hush is currently available to users.
