The Cybersecurity Administration of China ('CAC') announced, on 28 December 2021, that Fujian Provincial People's Congress passed its Fujian Province Big Data Development Regulations. In particular, the CAC noted that the regulations create specific provisions, among other things, on the development of Big Data in terms of data collection, data security, safeguards, and legal responsibilities. In relation to personal information, the regulations stipulate that data collection, use, and other activities related to data security management should comply with laws and administrative regulations, safeguard national security and public safety, and protect personal information.

Further to the above, the regulations note that data activities involving personal information must comply with the provisions of laws and administrative regulations, namely de-identifying or anonymising collected personal information, recording the process of data processing, and not disclosing or tampering with collected personal information. Moreover, the regulations provide that no enterprise, body, or individual may illegally collect, disseminate, disclose, tamper with, or trade data involving national interests, public security, trade secrets, or personal information, among others. Furthermore, the regulations clarify that it will apply to the development of Big Data and its related activities within the administrative region of Fujian.

The regulations will enter into effect on 1 February 2022.

You can read the press release here and the regulations here, both only available in Chinese.