Half a loaf is better than none: The new data protection regime for China's platform economy

Abstract

The global platform economy is entering a new era of regulation. This trend is attested by one of the most recent regulatory endeavours to curb market failures as manifested within the China's platform economy. The Personal Information Protection Act, effective as of November 2021, erects a comprehensive regulatory framework to address information asymmetry and power imbalance concomitant with big data handling. This paper contributes an analytical overview of why and how the new regulation is shaped by focusing on its legislative background, substantive rules and enforcement mechanisms. The influence of the GDPR in shaping this regulatory paradigm is scrutinized, with reference to pertinent concerns that could compromise the effectiveness of this paradigm in the Chinese context. The central edifice is that this landmark statutory instrument, broadly resembling the GDPR with certain variations, revamps the existing data protection regime in China. Nevertheless, as in its current form, the law fails to address several critical matters. The tentative conclusion is that the current construction of PIPA is necessary but far from sufficient. Alas, half a loaf is better than none.