Chinese Personal Information Protection Law (PIPL) comes into effect

Starting today, November 1st, 2021, global organisations doing business in China will be required to comply with the country’s new Personal Information Protection Law (PIPL), regulating the storage of digital data and setting a framework for user privacy within China.

For those who fail to comply with the new law, fines can reach up to $7 million and may receive demands to shut down business in the Chinese market.

“Data residency is now a critical data compliance requirement, with China just one example of a nation enacting data regulation law, as countries around the world become increasingly local with the demands for regulation around data within their borders,” said Odaseva CEO & Founder Sovan Bin.

“The penalties for non-compliance with data regulations can present serious financial and operational implications; for instance, violating China’s new regulations can lead to fines of up to $7 million, along with demands to shut down business in the region.”

China’s PIPL regulation is comparable, at least in part, to Europe’s GDPR. It’s the first comprehensive law in China to govern the use of personal information. Processing of data outside China is also governed by this regulation in so far as the data pertains to Chinese nationals.

“As nations around the world increase regulations around the flow of data within their borders, we’re seeing the introduction of new requirements that affect how data is stored, processed, shared and consumed. Odaseva offers products that help large companies stay on the right side of international data laws by helping manage their data lifecycle, enforce data retention policies, and localize data,” said Sovan Bin.

China’s PIPL regulation follows its recent Data Security Law (DSL), which came into effect September 1, 2021, aiming to classify and protect data based on level of importance, with the strictest levels of protection targeting data deemed vital to China’s national interests.