NISSTC is a government committee jointly supervised by the Standardization Administration of China and the Cyberspace Administration of China. In addition to the government agencies, several Chinese research institutions and Internet companies, including Tencent and Alibaba, will also participate in the working group.
The PIS Standard would be a non-binding guideline serving as a bottom line for the data privacy and security practices of companies, including internet companies, operating in China. The NISSTC officials seek to limit the kinds of information companies are permitted to collect, and that certain data protection-related conditions would be imposed on providers of information services and the design of relevant software.
Although the contemplated PIS Standard would not be legally binding, its content may influence the future trajectory of data privacy and security-related legislation amid calls for a more comprehensive legal regime governing the protection of personal information.
As regulators generally wield significant discretion in the interpretation and application of often vaguely worded laws and regulations, such a standard could serve as a barometer for assessing legal compliance.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now