Digital Policy Alert logo

China: Consultation opened on Regulations on the Protection of Minors on the Internet (Draft) including data protection requirement

Policy overview

Description

Consultation opened on Regulations on the Protection of Minors on the Internet (Draft) including data protection requirement

On 14 March 2022, the Cyberspace Administration of China (CAC) published and opened a consultation on the Regulations on the Protection of Minors on the Internet (Draft), which include rules on data governance concerning minors. The consultation will close on 13 April 2022. The Regulations would require online service providers to implement real identification checks. The processing of the personal information of minors would be limited to necessary information for specific purposes, and the sharing of such information with third parties would generally be prohibited. Finally, processing the personal information of minors under fourteen would require the consent of the minor's guardian.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2022-03-14
in consultation

On 14 March 2022, the Cyberspace Administration of China (CAC) published and opened a consultation …

2022-04-13
processing consultation

On 13 April 2022, the Cyberspace Administration of China (CAC) has closed the consultation on the R…

2023-09-20
adopted

On 20 September 2023, the "Regulations on the Protection of Minors on the Internet" was approved by…

2024-01-01
in force

On 1 January 2024, the Regulations on the Protection of Minors on the Internet entered into force. …

Key regulatory dimensions

Regulated subjects

The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type Private organisation
Economic activity platform intermediary: user-generated content
Category All

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): data collection
Regulatory tool
Preventive security requirement
Responsive security requirement
User notification requirement
User identification requirement
Sanctions
Fine
Regulated subjects
1
personal data (all forms): transfer (any destination)
Regulatory tool
Risk or other impact assessment requirement
Preventive security requirement
Responsive security requirement
User notification requirement
User identification requirement
Sanctions
Fine
Regulated subjects
1
personal data (all forms): data processing
Regulatory tool
Preventive security requirement
Responsive security requirement
User notification requirement
User identification requirement
Sanctions
Fine
Regulated subjects
1
content: harmful speech: hosting (any form)
Regulatory tool
Sanctions
Fine
Regulated subjects
1
own content: any format: hosting (any form)
Regulatory tool
Definition of oversight agency jurisdiction
Sanctions
Fine
Regulated subjects
1
user content: any format: hosting (any form)
Regulatory tool
Definition of oversight agency jurisdiction
Sanctions
Fine
Regulated subjects
1

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.

personal data (all forms): data collection

personal data (all forms): transfer (any destination)

personal data (all forms): data processing

content: harmful speech: hosting (any form)

own content: any format: hosting (any form)

user content: any format: hosting (any form)