A comparative analysis of personal data protection regulations between the EU and China

The growth of e-commerce and other platforms has significantly increased the amount of personal data that is shared and submitted online; however, the adequate and secure collection and processing of these data is of great concern. With the EU’s implementation of a new data protection regulation in 2018, the development of personal data protection globally has reached an important turning point and has sparked the interest of scholars and businesses. Text coding was employed to compare the current personal data protection regulation landscape in the EU and in China to discover the differences between the General Data Protection Regulation and the personal data protection regulations of the fastest-growing economy in e-commerce. The results show that while there are several similarities in regard to general requirements, such as principles of data processing and basic rights for data subjects, China’s personal data protection regulations tend to lack specific operational requirements and strong legal enforcement. Based on the research results, implications and recommendations for the government and companies are provided.

[1]  Colin J. Bennett Privacy Advocacy from the Inside and the Outside: Implications for the Politics of Personal Data Protection in Networked Societies , 2011 .

[2]  Bianca C. Reisdorf,et al.  The emergence of a “digital underclass” in Great Britain and Sweden: Changing reasons for digital exclusion , 2017, New Media Soc..

[3]  W. Gregory Voss,et al.  Personal Data and the GDPR: Providing a Competitive Advantage for U.S. Companies , 2019, American Business Law Journal.

[4]  M. E. Gonçalves The risk-based approach under the new EU data protection regulation: a critical perspective , 2020, Journal of Risk Research.

[5]  Clare Linda Sullivan,et al.  EU GDPR or APEC CBPR? A comparative analysis of the approach of the EU and APEC to cross border data transfers and protection of personal data in the IoT era , 2019, Comput. Law Secur. Rev..

[6]  Graham Greenleaf,et al.  South Korea's innovations in data privacy principles: Asian comparisons , 2014, Comput. Law Secur. Rev..

[7]  Yang Feng The future of China’s personal data protection law: challenges and prospects , 2019, Asia Pacific Law Review.

[8]  Yuehua Wu,et al.  Protecting personal data in E-government: A cross-country study , 2014, Gov. Inf. Q..

[9]  Guosong Shao,et al.  Assessing China's Cybersecurity Law , 2018, Comput. Law Secur. Rev..

[10]  Jesper Zerlang GDPR: a milestone in convergence for cyber-security and compliance , 2017, Netw. Secur..

[11]  Learning about Digital Trade: Privacy and E-Commerce in CETA and TPP , 2019, World Trade Review.

[12]  H.R.B.M. Kummeling,et al.  The New Silk Road: a bumpy ride for Sino-European collaborative research under the GDPR? , 2019, Higher Education.

[13]  Angela Daly The introduction of data breach notification legislation in Australia: A comparative view , 2018, Comput. Law Secur. Rev..

[14]  Christian Matt,et al.  How Data Protection Regulation Affects Startup Innovation , 2019, Information Systems Frontiers.

[15]  Akber Datoo Data in the post-GDPR world , 2018 .

[16]  Yi Ren,et al.  A privacy policy conflict detection method for multi-owner privacy data protection , 2011, Electron. Commer. Res..

[17]  Marjorie S. Price Internet privacy, technology, and personal information , 2020, Ethics and Information Technology.

[18]  M. Goddard The EU General Data Protection Regulation (GDPR): European Regulation that has a Global Impact , 2017 .

[19]  Xi Chen,et al.  Factors affecting privacy disclosure on social network sites: an integrated model , 2010, Electronic Commerce Research.

[20]  Nils Urbach,et al.  Building a Blockchain Application thatComplies with the EU General DataProtection Regulation , 2019, MIS Q. Executive.

[21]  Bart Custers,et al.  A comparison of data protection legislation and policies across the EU , 2018, Comput. Law Secur. Rev..

[22]  Dolores-Fuensanta Martínez-Martínez Unification of personal data protection in the European Union: Challenges and implications , 2018 .

[23]  Chenguo Zhang China's new regulatory regime tailored for the sharing economy: The case of Uber under Chinese local government regulation in comparison to the EU, US, and the UK , 2019, Comput. Law Secur. Rev..

[24]  Pamela Lattanzi,et al.  China's legal framework for pharmaceutical products: challenges and opportunities for EU companies , 2017 .

[25]  M. Wohlfarth,et al.  Market power, regulatory convergence, and the role of data in digital markets , 2017 .

[26]  Wu He,et al.  The Impact of GDPR on Global Technology Development , 2019, Journal of Global Information Technology Management.

[27]  Lawrence Ryz,et al.  A new era in data protection , 2016 .

[28]  Johnny Saldaña,et al.  The Coding Manual for Qualitative Researchers , 2009 .