PBOC urges stronger coordination to protect personal data

China's central bank governor urged strengthening the international coordination of protecting personal data, especially in the anti-trust, data regulation and consumer protection fields.

The legislative, the judicial and the administrative bodies from various countries should join hands to promote the standard-setting process for personal data protection, given the fast cross-sector and cross-regional development of financial technologies, Yi Gang, governor of the People's Bank of China, said on Wednesday.

The PBOC has been focusing on cracking down on the excessive collection of consumer data and "unfair clauses" outlined by fintech companies, which require consumers to provide personal information in exchange for accessing financial services, Yi said in his keynote speech via video at a forum of the 2021 Hong Kong Fintech Week.

Under the current regulatory framework, financial institutions in China are required to collect, use and store information following the principle of "minimum necessity" and in accordance with laws. They should protect the privacy of individuals when using personal information for commercial purposes, Yi added.

In order to protect personal credit information, Chinese financial regulators have required fintech companies to isolate their personal credit information business units. Financial institutions are allowed to provide such services only after they receive licenses.

"Some big tech firms have either collected data without permission or misused them. There are also cases of customer data leakage. Therefore, it is urgent to strengthen personal data protection," the PBOC governor said at the forum.

China issued the Data Security Law and the Personal Information Protection Law were promulgated in June and August respectively. It means that a legal framework for personal data protection has been formed. On Sept 30, the PBOC issued the Administrative Guideline for the Credit Information Business.

"The ultimate purpose for data protection is to promote its proper usage," said Yi. "On the premise of protecting personal privacy, we will try to define data ownership in a more accurate manner, facilitate data transactions and promote fairer use of data, to unleash the vitality and innovation capacity of market players."