Chinese first Personal Information Protection Law in contrast to the European GDPR, CRi 1/2022

The development of big data brings convenience to life but also breeds chaos. The first personal information protection law of PRC was designed to curb collection of excessive personal information and its misuse, which is often a subject of complaints, the law seeks to ensure users' knowledge and consent when their personal data is collected and processed. This article compares relevant regulations of the PIPL with the GDPR with regard to 13 different aspects. From the comparison, we can see that most regulations in the PIPL are similar to those in the GDPR, especially in the context of general processing principles and data subject’s rights. But there are still some differences at other aspects, such as cross-border data transfer rules.

The entire article by Starke Managing Counsel Daniel Albrecht can be found in  Computer Law Review International, 1/2022, publishung house Otto Schmidt.