LANGUAGE
KOREAN
What is Data Protection Laws
Data protection laws are created as a legal framework to address the issues that come with obtaining, using and storing data of natural persons. These laws are formed to protect the rights of the natural persons regarding their private information. Consent and the rights to know the source of personal information makes the basis of such laws. Although the scope and the context might be different in detail, more than 80 countries have adopted such laws.
The privacy data regulatory environment continues to add new requirements on the global stage.
The most recent is China's Personal Information Protection Act (PIPL), which came into force in November 2021. Like the EU GDPR, which began two years ago, PIPL is not bound by only one border, China. As experienced in GDPR, when dealing with personal identifiable information of EU citizens, EU GDPR includes services hosted outside the EU, and all organizations dealing with personal information are obligated to follow GDPR even on the out of the border. Just as India and Brazil enacted their own comprehensive general data protection law after the emergence of the European GDPR, China's PIPL is likely to affect not only neighboring countries but also countries around the world and has no choice but to be applied to all countries linked to China.
Meanwhile, digital transformation, hybrid work options and continued adoption of cloud services will enable data to be processed in more places than ever before. To adapt to an ever-evolving environment, organizations need to gain control over their personal data processing activities.
The privacy data regulatory environment continues to add new requirements on the global stage.
The fine can be up to 50 million yuan, equivalent to 5% of the annual revenue for the previous fiscal year (Article 66). Unlike GDPR, PIPL does not specify whether annual revenue means global sales or sales generated in China. In addition, since PIPL does not set minimum penalties, regulators have wide discretion over penalties to be imposed in case of violation. Regulatory authorities may order corrective actions, warnings, confiscation of illegal revenues, and cessation of services or imposition of fines if the data processing entity violates the requirements of the PIPL. The fine can be up to 50 million RMB or equivalent to 5% of the annual revenue for the previous fiscal year (Article 66). Unlike GDPR, PIPL does not specify whether annual revenue means global sales or sales generated in China. In addition, since PIPL does not set and define minimum penalties, regulators have wide discretion over penalties to be imposed in case of violation.
Such data protection laws are in the center of our solution HIWARE. In order to comply with such complicated laws, companies need HIWARE to easily comply with the requirements of it. This means, if a company is using our solution correctly, there will be no liability when it comes to the related law enforcements. HIWARE is compatible with all kinds of data protection laws. We will take care of preparing you company for the complicated and messy personal data protection laws so that you can focus on your business.