On 28 June 2016, the Cyberspace Administration of China (the “CAC”) released the provisions on the administration of mobile internet applications services (the “Provisions”) which will come into force on 1 August 2016.
The Provisions are aimed at regulating the use of mobile applications and protecting citizens’ rights and coincide with the Chinese government’s recent efforts to prioritise cyber security and protect personal data on the internet.
The Provisions will require mobile application service providers to put in place user information protection mechanisms, inform users of how data is being used, obtain express user consent and comply with the principles of lawfulness and necessity when collecting and using personal data. The Provisions will also require application stores to supervise application service providers to ensure that users’ information is being protected. Liability is being shifted onto application service providers and application stores and the regulatory authorities will only intervene on a case by case basis.
Where an organisation makes mobile apps available to its customers in China, it should be aware of the more stringent obligations contained in the Provisions, and ensure that any apps it offers are compliant by 1 August 2016.
An unofficial translation of the Provisions can be accessed here.