China’s most pioneering special economic zone, the one that is now referred to as a PDZSCC, Shenzhen has broken what appears to be new international ground on consumer data-protection laws. As reported by the municipal government this week, a new set of regulations stipulates that:
- App-makers may not deny service to users who do not consent to “over-collection” of their personal information;
- Users may specifically refuse consent for data-driven behavioral profiling;
- Apps may not make personalized recommendations to children under the age of 14;
- Users may not be forced to submit to facial recognition;
There are also some key provisions related to app makers using “illegal means to obtain data from other market entities,” which is a bit unclear.
Fines can range from 50,000 yuan to 500,000 yuan in “standard” cases, whereas in “serious” cases, they can be as high as 5% of the app-maker’s previous year’s revenue.
More on SZRD