Digital management is a huge challenge for businesses in 2021. With the promulgation of the Data Security Law and the Personal Information Protection Law, the restrictions of laws and regulations are both opportunities and challenges, and the implementation of relevant laws and regulations as a whole will further promote the standardized operation and development of enterprises under the data and traffic dividends.
On December 28, at the TalkingData T11 Data Intelligence Summit, Cui Xiaobo, founder and CEO of TalkingData, said that in the past, the black industry in the data industry was rampant, and the newly implemented regulations clearly defined the obligations of data authorization, compliance inspection, privacy desensitization, security audits, etc., the gray industry gradually disappeared, and the era of bad currency expelling good money passed. This is an opportunity for compliant data management companies.
This year, two relevant laws and regulations have officially come into force. On September 1, the Data Security Law of the People's Republic of China came into effect. On November 1, the Personal Information Protection Law of the People's Republic of China came into effect.
This year, the regulatory authorities have also strengthened the inspection and punishment of apps and websites that illegally collect user information, and the Information and Communication Administration regularly issues the "Notice on the List of Apps That Are Removed from the Shelves and Infringes on the Rights and Interests of Users", and the Provincial and Municipal Information and Communications Administrations also notify the list of application software that have been removed from the shelves on time every month.
(Source: Ministry of Industry and Information Technology official website)
In November, the Information and Communications Administration issued the "Circular on "Looking Back" on the Problems of App Over-Range Request for Permissions and Excessive Collection of Users' Personal Information, which said that it inspected violations such as over-range and high-frequency requests for permissions for apps that users strongly responded to, such as collecting users' personal information in non-service scenarios, deceiving and misleading users to download, and found that there were problems with 38 apps, including Tencent News, Xiaohongshu, QQ Music, Homework Help, Tantan, Lalala, Douban and other well-known apps.
In Cui Xiaobo's view, from the Cybersecurity Law to the Data Security Law and the Personal Information Protection Law, it has a far-reaching impact on data management. From the perspective of positioning and history, Cui Xiaobo believes that the three are different. "Before the Personal Information Protection Law and the Data Security Law, there is also a cybersecurity law and a cybersecurity law that has a detailed rule for the protection of personal information, and these three laws are related to the protection of personal information, but the positioning and process of these three laws are still very different."
Cui Xiaobo said, "The biggest contribution of the Cybersecurity Law is to define private data and public data. The Personal Understanding of the Data Security Law is to provide legal protection for Chinese enterprises. For example, when a foreign institution asks a Chinese enterprise for data involving Chinese individuals or security, the Chinese enterprise may not provide it on the grounds of the Data Security Law. The Personal Information Protection Law clarifies the penalties, and at the same time, this is a law formulated from the position of consumers, and consumers can complain to the relevant departments in accordance with this law. At the same time, the individual insurance law distinguishes between super-large platforms, large platforms, and small and medium-sized platforms, and the essence is to protect small and medium-sized enterprises and restrict the expansion of large platforms. In addition, the personal insurance law has a relatively clear definition of the role in the data industry. For example, TalkingData belongs to the 'data processor', working with app developers to process this data, to desensitize the data, and to protect it. ”
In addition, after the data security law and the personal information protection law are officially implemented, corresponding industry regulations will be issued in response to the regulations. Cui Xiaobo said that Recently, TalkingData joined the data security audit compliance team, mainly for the data compliance related content of listed enterprises.
![The 2021 Industrial Internet Achievements Conference was held in Bao'an, and a number of achievements were released[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)