SHANGHAI (Reuters) – A number of China’s top regulators published draft guidelines on Monday dictating how apps must protect the privacy and personal information of users.
The rules, drafted under the guidance of the Cyberspace Administration of China along with its Ministry of Industry and Information Technology and the State Administration of Market Regulation, come as China’s tech giants face an ongoing wave of scrutiny from policymakers.
The guidelines call for apps to disclose to users what personal information will be collected and for what purpose, and orders apps not to collect users’ personal information without first obtaining consent.
Meanwhile, when processing sensitive personal information such as “race, ethnicity, religious belief, personal biometrics, medical health, financial accounts, personal whereabouts, etc,” users should receive a separate notification.
Apps should only collect a minimum amount of information and should not obtain personal information that goes beyond the scope of the user’s consent or which is not related to the app’s main purpose.
The draft regulations also call on “app distribution platforms” to register and verify the true identify of app developers, to refrain from deceiving users into downloading certain apps, and to carry out standardized reviews of personal information processing activities upon the launch of new apps.
They also urge app stores to establish credit scores for app developers, and to set up portals to handle complaints from the public.
The regulations will be open for comment until May 26.
In recent years, Chinese policymakers, concurrent with those in other countries, have steadily called for more thorough regulations dictating how internet companies manage the user data they collect.
The new draft regulations also arrive as Chinese tech companies such as e-commerce giant Alibaba Group Holding Ltd and food-delivery app Meituan faced investigations from the country’s anti-monopoly regulator.
(Reporting by Josh Horwitz; Editing by Bernadette Baum)