All Multinational Companies operating in China should abide by the Personal Information Protection Law (PIPL) of China from November 1st, 2021. Otherwise, the permission for the company to conduct business operations will be seized for violating rules.
Also, Chinese state authorities will from now on indulge in assessing the process of how professional institutions are handling and processing data to get PIPL certification.
To those uninitiated, the newly planned legislation was passed in the house in August this year and came into effect on the first day of November 2021, after qualitative revision.
To sum-up PIPL is a law that makes it mandatory for companies to process and store data related to Chinese consumers on the same soil. Therefore, data must not cross the borders and if it does, the company handling it will be seriously prosecuted, penalized and, sometimes, permanently banned from conducting any more operations in the Xi Jinping led nation.
MNC companies willing to do businesses should agree through a standard contract that they are collecting data of their consumers with all of their consent and fulfilling regulations established by the Cyberspace Administration of China (CAC) authorities.
China’s data protection officers will be asked to supervise the way the data protection laws are being followed in Beijing and will be empowered with the authority to slap hefty fines if/when needed.