China Monthly Data Protection Update
要点提示 Developments Highlights
中共中央:加快构建促进数字经济发展体制机制,完善促进数字产业化和产业数字化政策体系
CCPC: Accelerate Establishment of Systems and Mechanisms Promoting Development of Digital Economy, and Improve Policy System for Promoting Digital Industrialization and Industrial Digitalization
7月18日,中国共产党第二十届中央委员会第三次全体会议提出建设和运营国家数据基础设施,促进数据共享;加快建立数据产权归属认定、市场交易、权益分配、利益保护制度,提升数据安全治理监管能力,建立高效便利安全的数据跨境流动机制。
On July 18, the Third Plenary Session of the 20th Central Committee of the Communist Party of China proposed to build and operate national data infrastructure to promote data sharing; accelerate the establishment of systems for the identification of data proprietary rights, market transactions, rights and interests distribution, and interest protection, enhance data security governance and supervision capacity, and establish an efficient, convenient, and secure mechanism for cross-border data flow.
网安标委发布《数据安全技术 个人信息保护合规审计要求(征求意见稿)》
TC260 Issues Data Security Technology:Personal Information Protection Compliance Audit Requirements (Draft for Comments)
7月12日,全国网安标委发布《数据安全技术 个人信息保护合规审计要求(征求意见稿)》,从国家标准层面提出开展个人信息保护合规审计的审计原则、审计总体要求,为开展个人信息保护合规审计工作提供了指引。
On July 12, TC260 issued Data Security Technology: Personal Information Protection Compliance Audit Requirements (Draft for Comments). The draft proposes audit principles and overall audit requirements for conducting personal information protection compliance audits at national standard level, providing guidance to carry out personal information protection compliance audit work.
首例数据知识产权登记效力案:公开数据不属于商业秘密,但可依反法保护
First Case on Validity of Data Intellectual Property Registration
6月28日,北京知识产权法院对首例数据知识产权登记效力案作出终审判决。法院认为原告公司就涉案数据集取得的《数据知识产权登记证》可作为证明其享有涉案数据集相关财产性利益的初步证据和涉案数据集收集行为或数据来源合法的初步证据。涉案数据集虽然因处于公开状态不符合商业秘密的构成要件,但可为原告公司吸引流量、带来交易机会与竞争优势等商业利益,本质上是一种竞争性权益,属反不正当竞争法所保护的合法权益。
Public Data Not Trade Secret, but Protected UnderAnti-Unfair Competition Law: On June 28, the Beijing Intellectual Property Court issued a final judgment on the first case concerning the validity of data intellectual property registration. The court held that the Data Intellectual Property Registration Certificate obtained by the plaintiff company for the involved dataset could serve as preliminary evidence that the company holds proprietary interests related to the dataset and as initial proof that the collection or source of the dataset is lawful. Although the dataset does not meet the criteria for trade secrets due to its public nature, it can attract clout, create business opportunities, and provide competitive advantages for the plaintiff company. Therefore, it is considered a competitive right protected by the Anti-Unfair Competition Law.
全国网络安全标准化技术委员会发布《数据安全技术个人信息保护合规审计要求(征求意见稿)》
TC260 Issues
Data Security Technology:Personal Information Protection Compliance Audit Requirements (Draft for Comments)
北京经济和信息化局发布《自动驾驶汽车条例(征求意见稿)》,自动驾驶汽车企业需建立数据安全和个人信息保护制度
Beijing MBEI Issues
Autonomous Vehicle Regulations (Draft for Comments)
, Requiring Autonomous Vehicle Enterprises to Establish Data Security and Personal Information Protection Systems
执法机构 Enforcement Authority
北京:加快推动医药健康外资企业数据合规出境
Beijing: Accelerate Promotion of Cross-border Data Transfer Compliance of Pharmaceutical and Healthcare Foreign Enterprises
深圳市网信办公布数据跨境传输政策咨询电话和工作指引
Shenzhen CA Announces Cross-Border Data Transfer Policy Consultation Hotline and Working Guidelines
上海将出台航运数据跨境清单
Shanghai to Issue Cross-border Data Lists for Shipping Sector
上海市网信办发布第二期《咖啡消费场景违法违规收集使用个人信息案例解析》
Shanghai CA Issues 2n
d Release of
Case Analysis of Illegal Collection and Use of Personal Information in Coffee Consumption Scenarios
执法案例 Enforcement Cases
贵州一银行因提供个人不良信息未告知信息主体被罚33.65万元
Bank in Guizhou Fined 336,500 Yuan - Providing Personal Adverse Information Without Informing Subject
上海市网信办公布App收集使用个人信息情况专项检查结果
Shanghai CA Announces Special Inspection Results on App Collection and Use of Personal Information
江西省网信办通报24款APP违法违规收集使用个人信息
Jiangxi CA Notifies 24 Apps - Illegal Collection and Use of Personal Information
四部门所属7家单位利用政务数据违规经营收费2.48亿元
4 Departments’ 7 Units Illegally Operate and Charge 248 Million Yuan Using Government Data
法院诉讼 Courts Litigation
使用AI技术破解人脸识别“摇头”“眨眼”等认证步骤并篡改系统信息,涉案五人获刑
5 People Sentenced - Using AI Technology to Bypass Facial Recognition Steps and Tamper with System Information
建行员工非法出售大量用户信息获利27万余元,判刑并终身禁业
CCB Employee Illegally Sells Abundant User Information for Profit Over 270,000 Yuan, Sentenced and Banned from Industry for Life
首例数据知识产权登记效力案:公开数据不属于商业秘密,但可依反法保护
First Case on Validity of Data Intellectual Property Registration: Public Data Not Trade Secret, but Protected Under
Anti-Unfair Competition Law
不正当抓取地图APP“拥堵延时数据”并使用其盈利,一审判赔1250万元
1st Trial Orders 12.5 Million Yuan Damages for Improperly Capturing Map App’s “Congestion Delay Data” and Using for Prof
it
*自2014年1月开始,大成数据保护团队每月发布中英文双语的中国数据保护月度报告。如需获取全文,请与大成数据保护团队联系。
