China’s MIIT To Release Privacy Protection Standards


A net user scanning his train ticket to reveal encoded personal information.

Protecting your personal information online is important. And a series of high-profile hacks late last year shed light on the fact that many companies are storing information for too long and doing too little to protect it. Recently, officials at China’s Ministry of Industry and Information Technology revealed that the Ministry has been collaborating with more than thirty other work units on a collection of guidelines that could become the national standards for online privacy protection.

Currently, the guidelines exist in a draft form that has passed the first level of approval and has been submitted to national authorities for critique. Ministry insiders say that what’s up for discussion at this point is mostly just the wording, and expect an official release soon.

The exact nature of the guidelines is not yet clear, nor is it clear how violators of the guidelines would be punished. But the draft reportedly mandates that any service dealing with personal information must establish a system for protecting that information. Moreover, all personal information must be immediately deleted as soon as the “purpose of use” for the information has been met. That means, for example, that e-commerce websites would need to delete a customer’s bank information as soon as they had received payment and completed a sale.

The guidelines sound like good news for net users nationwide, assuming they are approved and can be implemented effectively, and that violators can be held accountable and punished. It will certainly make me feel better about ordering things online if I can be sure vendors aren’t storing my information for long periods of time on unprotected servers for anyone to steal.

[Beijing News via Sina Tech]

(And yes, we're serious about ethics and transparency. More information here.)

Read More