Shanghai is speeding up its data security and privacy protection legislation with a new law expected to be in force by the end of the year or early next.
The protection level will be higher than Europe’s GDPR, or General Data Protection Regulation, according to Hui Zhibin, director of the Internet research institute under the Shanghai Academy of Social Sciences.
Hui, a member of China’s National Information Security Standardization Technical Committee, an industry association, is attending the legislation process in Shanghai.
China is also ramping up data and privacy protection legislation, deputies told the recent meeting of the National People's Congress.
Tan Jianfeng, director of the Shanghai Information Security Trade Association, said data security had become a bottleneck in China’s development of its digital economy, especially with the huge volume of data created and used by big data, 5G and artificial intelligence applications.
The leaking and misuse of data and personal information had limited the healthy development of China's digital economy and international competition, Tan said.
The Shanghai legislation will cover issues such as definitions of sensitive data, regulations on gathering and using data and punishments for people and organizations breaking the law, Hui said.
The new law will cover Shanghai’s two city-level networks offering government services online and improving urban management with technologies such as 5G and data analysis.
The Sui Shen Ma system, which uses a QR code to record residents' health condition (green for healthy and red for alert) will also come under the new law.
Sui Shen Ma, which tracks people’s identities, location and personal information, covers around 12 million people in Shanghai.