Data protection at home and abroad: a comparison of approaches
Data protection is not yet as high on the agendas of the boards of Chinese companies as it is for multi-national companies (“MNCs”). This is hardly surprising, as China has no designated data protection regulator, has only recently started writing significant regulations in this area, and lists only very modest fines for infringements. Given the disparity of experience between Chinese companies and MNCs, it is worth unpacking what makes data protection such an important issue for many and to test the temperature as to where regulation might go in China in the future. Data protection is a massive regulatory area. Multi-national companies require multi-jurisdictional advice on data protection. In some jurisdictions, notably across the EU, potential fines for data protection compliance infringement now rival anti-trust enforcement penalties. Cyber-security risks are a universal problem. This article is about the comparison of data protection approaches between China and foreign countries.