China Passes Data Protection Law

The US does not.

In 2018 the European Union had surpassed the United States in protecting consumers when its General Data Protection Regulation (GDPR) took effect. EU citizens are now in control of their personal data (arguably their lives). Each EU citizen now has a fundamental right to;

1. access – to be informed what personal data is collected and how is it used
2. notification – to be informed when that data has been mishandled or leaked
3. receive – to be permitted to see, correct, or obtain that data.
4. be forgotten – to be “forgotten.” Meaning: all this data can be taken back.

Now, China has drafted its new data protection law. It will go into effect on November 1st. The Personal Information Protection Law (PIPL) will strengthen the regulatory framework for privacy and data protection in China. It aims to

“protect the rights and interests of individuals,”
“regulate personal information processing activities,”
”safeguard the orderly flow and protection of data,”
“facilitate reasonable use of personal information.”

Companies from all countries, including the tech giants in the US, are now obligated to protect the rights of EU and Chinese citizens. These companies are not obligated to protect US citizens – they have no rights to data privacy defined by the EU or China.

The US has no data protection law. The US has no regulatory framework for privacy and data protection.