The European Parliament’s Directorate-General for Internal Policies, Policy Department C: Citizens’ Rights and Constitutional Affairs has produced an In-depth analysis of the data protection regime in China.
Those who consider that the present privacy regime in the EU is complex will find that this is nothing compared to that which obtains in China. As the introduction to this analysis says:
China has no comprehensive data collection act but several relevant sectorial laws that, under a combined reading together with basic criminal and civil law provisions, may add up to a data protection “cumulative effect”.
This has real practical implications for those who do business with China or who are required to collect data in China pursuant to criminal, civil or civil litigation or regulatory requirements in the EU, the US or elsewhere.
The analysis emphasises that terms like “data protection” may have meanings in China which are different from those of the EU; it stresses that no global standard exists; it ranges beyond pure data privacy and into human rights, and into the availability of redress.
Its 30 pages are well worth reading. My thanks to @PrivacyMatters for drawing our attention to it.