The Ministry of Public Security has recently published a draft regulation on internet security supervision for public opinions. The draft stipulates that the internet service providers face a penalty of up to 1 million yuan ($159,000) if they are found to have engaged in the illegal transaction of personal information, even if their action does not result in any crime or yield a cent in illegal gains. Legal Daily comments:
The leaking of personal information is a chronic disease of the information age. Even leading global players are not immune to it, with Facebook in the spotlight recently over users' data being harvested for political purposes without their knowledge.
It has become a conventional practice for app or software providers to require users give them consent to access their personal information before allowing them to use their products.
In fact, at least five laws in China, including the Constitution and the Criminal Law, have special clauses on the protection of citizens' privacy, and the judicial authorities have also published legal explanations on internet privacy infringement cases.
Although the draft regulation is only a department rule, it is easier to be implemented, and its suggested penalties, harsher than those set out in the Criminal Law, directly target the internet service providers. This hits the nail on the head, and gives it greater effectiveness in checking the increasingly pervasive personal data mining and trade in personal information that has evolved into an almost quasi-open business online.
Hopefully, after a finalized regulation takes effect, the public security departments can act more promptly and be more responsive to internet users' appeal and complaints about their personal information being misused. This will immediately make the internet companies behave better and take the initiative in fulfilling their legally bound duties to be the primary guardians of their customers' personal information.