Recent Regulatory Requirements in The Field of Information Protection
Ms. Li LUO – a vetted lawyer on Trustiics. She specialized in PE/VC, M&A, capital market, foreign investment, employment and general corporate legal services.
Recently, several drafts and notices to strengthen regulatory requirements in the field of information protection have been issued in China. These were on regulating financial marketing activities, protecting financial consumer rights, and strengthening the security management of financial mobile application software. One of our registered counsel has summaried the key changes on regulations on this update.
On December 27, 2019, The People’s Bank of China (“PBOC”) issued the Implementing Measures of the People’s Bank of China for the Protection of Financial Consumers’ Rights and Interests (Draft for Comments) for public consultation. The Draft provides clarification regarding information collection, disclosure and notification, usage, management, storage and confidentiality, deletion and correction, cross-border transmission, and outsourcing service management, and further strengthens the right to know and the right to information autonomy. In addition, the Draft specifies the requirements for cross-border transfer of consumer financial information which adopts two major conditions, i.e. the information should in principle be stored domestically, and the recipient should be an affiliate of the financial institution.
In the second half of 2019, the PBOC issued the Notice on Issuing Financial Industry Standards and Strengthening the Security Management of Finance Client-side Mobile Application Software (“Financial App Notice”), and also released the financial industry standard Mobile Financial Client-side Application Software Security Management Specifications (JR / T 0092-2019, “Specifications”). The Financial App Notice requires financial institutions to strengthen the security management of financial Apps.
On December 20, 2019, the PBOC, the China Banking and Insurance Regulatory Commission, the China Securities Regulatory Commission, and the State Administration of Foreign Exchange, jointly issued the Circular on Further Regulating Financial Advertising and Promotional Activities (the “Marketing Circular”). From the perspective of preventing the misuse of the personal information of financial consumers and protecting the legitimate rights and interests of financial consumers, the Marketing Circular puts forward specific requirements for financial marketing activities.