Reasonable use and effective protection of personal information has become a popular topic that has caught the attention of industry, individuals and the general public. As the use of personal information becomes more and more prevalent in commercial as well as day-to-day activities, there are more and more instances involving what appears to be misuse of personal information.
In early February, China's Ministry of Industry and Information Technology ("MIIT") released a draft State standards document entitled "Information Security Technology: Personal Information Protection Guidelines" (the "Guidelines") for public comment. The Guidelines were drafted by China's Information Security Standardisation Technical Committee under the direction of MIIT's Department of Information Security Coordination. The deadline for the submission of comments was 28 February 2011.
The draft Guidelines were formulated for the purpose of improving the protection of personal information, protecting the legitimate rights and interests of individuals, promoting reasonable use of personal information and guiding and regulating activities that involve the use of information systems to process personal information. The draft Guidelines, which are intended to apply to activities relating to the use of information systems to process personal information, set out to clarify the concepts of personal information processing and the rights of the data subject. The draft Guidelines also set out specific requirements in relation to the acts of collecting, processing, transferring, using, blocking and erasing personal information, which are set to become mandatory State standards once they are officially promulgated.