After soliciting public comments since last November, the Chinese Ministry of Public Security (MPS) published the finalized Guideline for Internet Personal Information Security Protection (Guideline) on April 10, 2019. The Guideline applies to Personal Information Holders, defined as entities or individuals that “control and process personal information” through their provision of services using the Internet,
Xiaoyan Zhang
California lawmakers propose new CCPA amendments that address major concerns of the business community while preserving the privacy law
Last week, the California Assembly’s Committee on Privacy and Consumer Protection, which exercises jurisdiction over privacy and personal information protection matters, approved several amendment bills intended to clarify and narrow the scope of the California Consumer Privacy Act (CCPA or the Act). In January 2020, the CCPA will impose landmark burdens and obligations on businesses…
Algorithmic Accountability Act proposed by U.S. lawmakers
On April 10, U.S. lawmakers introduced the Algorithmic Accountability Act (the AAA). The AAA empowers the Federal Trade Commission (FTC) to promulgate regulations requiring covered entities to conduct impact assessments of algorithmic “automated decision systems” (including machine learning and artificial intelligence) to evaluate their “accuracy, fairness, bias, discrimination, privacy and security.” The bill is evocative…
Draft amendments to China’s personal information standards proposed
China’s National Information Security Standardization Technical Committee issued draft amendments (Amendments) to the standards that govern the protection of personal information, “Information Security Technology – Personal Information Security Specification” (Standards, effective May 1, 2018) on February 1, 2019. The Standards provide guidance on interpreting China’s Cybersecurity Law (CSL) and set out best practices for the…
The new China cybersecurity inspection regulation broadens PSB authority
China’s new “Regulation on the Internet Security Supervision and Inspection by Public Security Organs” went into effect on November 1, 2018. It is the latest regulation passed by China’s Ministry of Public Security that executes China’s Cybersecurity Law, which took effect in June of last year. The regulation gives China’s Public Security Bureaus (PSBs) broad…
Southeast Asian nations to form regional framework for cybersecurity cooperation
The Association of Southeast Asian Nations (ASEAN) announced last week that it will create a rules-based framework for its 10 member states to cooperate on cybersecurity matters.
The 10 ASEAN members are Singapore (which is the chair for ASEAN this year), Malaysia, Indonesia, the Philippines, Thailand, Vietnam, Brunei, Myanmar, Laos and Cambodia.
Singapore is expected to take the lead in drawing up a mechanism that facilitates cross-country collaboration on cyber policy development, capacity building and operational issues. ASEAN recognized that such a system would need to be flexible and take into account the economic considerations of the different member states.
Although the framework is still in an early phase of development, greater cross-border cooperation will likely take place among regulatory authorities in the various ASEAN members, as well as the introduction of more cybersecurity laws at a national level.
Continue Reading Southeast Asian nations to form regional framework for cybersecurity cooperation
“Privacy First Policy” to be on November ballot in San Francisco
San Francisco voters will decide on November 6, 2018, whether to enact the city’s “Privacy First Policy” that intends to protect the personal information of residents and visitors from misuse by companies doing business in San Francisco. The policy builds upon the California Consumer Privacy Act passed in June 2018, which gives consumers various rights,…