CHINAChina was voted the world's worst for internet freedom in 2015, accordi

1. CHINA
2.  
3. China was voted the world's worst for internet freedom in 2015, according to Freedom on the Net survey: https://freedomhouse.org/report/freedom-net/2015/china
4. China often has wide-raging and vaguely written laws. It has no proper national framework to govern the use or disclosure of personal data. Tech companies, both foreign and local, are often left confused as to what the laws mean for them. National Security is a term that can be used as a reason for just about anything relating to data privacy.
5. China blocks a huge amount of outside traffic, and heavily censors its internal internet traffic. Being communist, privacy in China is not guaranteed. Data is intercepted and censored. Knowing they will be tracked, helps further censorship. The sweeping laws and punishments also help to ensure that Chinese people are careful and wary of what they post online.
6. Despite serious censorship, and the estimation of having the most regular internet users in the world, China does not yet have major data protection and online privacy laws.
7.  
8. ←-Law governing bodies:
9.  
10. China's MIIT = Ministry of Industry and Information Technology.
11.  
12. National People's Congress(NPC) – highest legislative authority
13.  
14. State Internet Information Office
15.  
16. Chief Information Office of the Chinese Government (falls under the PRC)
17.  
18. LAWS/REGULATIONS – LINKS/NEWS ARTICLES
19.  
20. ***Counter Terrorism Law of the People's Republic of China***
21.  
22. http://chinalawtranslate.com/%E5%8F%8D%E6%81%90%E6%80%96%E4%B8%BB%E4%B9%89%E6%B3%95-%EF%BC%882015%EF%BC%89/?lang=en
23.  
24. == Articles about it:
25.  
26. http://thediplomat.com/2016/01/chinas-comprehensive-counter-terrorism-law/
27.  
28. http://www.bbc.com/news/world-asia-china-35188137
29.  
30. http://www.ibtimes.com/chinas-anti-terrorism-law-could-mean-trouble-apple-encryption-us-tech-companies-2242991
31.  
32. http://globalriskinsights.com/2016/01/breaking-down-the-implications-of-chinas-new-anti-terrorism-law/
33.  
34. ***National People's Congress Standing Committee Decision concerning Strenthening Network Information Protection (“Decision”)***
35.  
36. https://chinacopyrightandmedia.wordpress.com/2012/12/28/national-peoples-congress-standing-committee-decision-concerning-strengthening-network-information-protection/
37.  
38. ==Articles:
39.  
40. https://www.coe.int/t/dghl/standardsetting/dataprotection/National%20laws/Taiwan-CP-DPLaw.pdf
41.  
42. http://www.faegrebd.com/new-rules-for-personal-data-protection-in-china
43.  
44. ==Summary article about it:
45.  
46. http://www.dataprivacymonitor.com/online-privacy/china-adopts-privacy-legislation-strengthening-online-personal-data-protection/
47.  
48. ***First National Standard of Personal Information Protection, Feb 1, 2013. This is the first national standard for personal information guidelines***
49.  
50. - These are guidelines only and not backed by law or subject to penalties for non-compliance.
51.  
52. http://www.china-briefing.com/news/2013/02/04/chinas-first-national-standard-on-personal-information-protection-to-take-effect.html
53.  
54. ***Provisional Regulation for the Development of Management of Instant Messaging Tools and Public Information Services***
55.  
56. http://www.hrichina.org/en/press-work/hric-bulletin/china-issues-new-regulations-mobile-text-and-voice-messaging-services-hric
57.  
58.  
59. Summary of Laws
60.  
61.  
62. ***Counter Terrorism Law of the People's Republic of China***
63.  
64. Article 3 of this law briefly describes, in part, the definition of terrorism as follows:
65.  
66. “Terrorism" as used in this Law refers to propositions and actions that create social panic, endanger public safety, violate person and property, or coerce national organs or international organizations, through methods such violence, destruction, intimidation, so as to achieve their political, ideological, or other objectives.
67.  
68. - this law further strengthens censorship of foreign media
69. - telecommunications and ISP companies must provide the government with technical assistance when required, including decryption
70. - Everyone is forbidden to be reporting on the following subjects:
71. *details of incidents that may lead to copycat attacks
72. *no cruel or inhuman images
73. *no ID information on response or hostage personnel, or anti-terror responses. Media may do so with permission.
74. - this law has been criticised as it further censors an already heavily censored press
75. -Privacy and human rights may be affected by this law, due to its far-reaching potential implications. China places huge empasis on being able to control and censor the internet and their people.
76.  
77. ***National People's Congress Standing Committee Decision concerning Strenthening Network Information Protection (“Decision”)***
78.  
79. This was enacted by the Standing Commitee of the Chinese NPC in December, 2012.
80. - ISPs and other organisations are required to state their objectives, methods and scope of collection and use of data collection during their business tasks.
81. - They must also obtain consent from the user.
82. - ISPs must safeguard and strengthen the management of personal data.
83. -Individuals and organisations are prohibited from personal online information via theft, or other illegal means. They are also prohibited from selling or providing that information to others.
84. - Where citizens discover that individual privacy has been dissemenated or other network information infringes their lawful rights and interests, they have the power to require the network provider to delete the information or adopt measures to cease it.
85. - State organs and their staff must keep the secrecy of citizens personal electronic information that they learn in the course of their duty. They may not divulge it or illegally sell it to another person.
86. -Policies must be published outlining data collection by organisations.
87. -People must be informed of how, for what purpose, and what range that their data is collected.
88. - Consent must be given by the individuals prior to the collection of their data.
89.  
90. ***First National Standard of Personal Information Protection, Feb 1, 2013. This is the first national standard for personal information guidelines***
91.  
92. These are guidelines only and not subject to law or penalties for non-compliance.
93.  
94. - They were brought about due to the increasingly large amount of data leakage.
95. - Processing of personal information must be for specific, clear and reasonable purposes.
96. -Data must be deleted once it has been used.
97. - Consent must be gained first from a well-informed individual.
98. -These guidelines divide information into general and sensitive; sensitive being info given via, or obtained by, express consent. Examples are ID cards, personal preferences, and finger prints. General information relates to other info that can be gathered so long as the indiviual does not object.
99. -Also, information/personal data gathered outside the need for it is forbidden.
100. -Consent is needed when Chinese information is passed outside of China.
101.  
102.  
103. ***Provisional Regulation for the Development and Management of Instant Messaging Tools and Public Information Services***
104.  
105. This regulation requires that:-
106.  
107. -IM Service providers obtain qualifications (permits) before providing information services
108. -Before registration, IM users must authorise with their true Ids.
109. -Users must undergo examination and verification before providing public information. If the information they provide is news, it must already be recorded in China elsewhere.
110. -Unless they have obtained qualifications, no account may publish or reprint content on current events.
111.  
112.  
113. STORIES AROUND PRIVACY AND CENSORSHIP
114.  
115. 1. http://www.rfa.org/english/news/china/three-online-activists-arrested-04022015110059.html?searchterm:utf8:ustring=Liang+Qinhui
116.  
117. Three people were arrested because of tweets they had posted. They were arrested on suspicion of “incitement to subvert state power”. They had simply posted pro-democracy and satorial tweets, and tweets around political awakening. Liang Qinhui, Zheng Jingxian and Huang Qian were all detained separately by the police. See also below.
118.  
119. 2. http://www.rfa.org/english/news/china/china-hongkong-04082016134146.html
120.  
121. Four rights activists in the province of Guandong were each handed jail terms of up to four years. Liang Qinhui, also from the previous story, was handed an 18-mth sentence, but not before he was detained for many days, according to his fiancee. The other three were also given four – four and a half years all for “incitement to subvert state power.” All men had openly supported the Occupy movement. At least 100 more supporters of this were also jailed.
122.  
123. To note: Posting online is enough to be charged with subversion. One of the lawyers said of the situation, “This verdict and sentence are ridiculous and...have been handed down in a situation where the ruling Chinese Communist Party has a total monopoly on power.” - Tan Chenshou
124.  
125. 3. https://en.wikipedia.org/wiki/Li_Zhi_%28dissident%29
126.  
127. https://en.wikipedia.org/wiki/Criticism_of_Yahoo!#Outing_of_Chinese_dissidents
128.  
129. A few Chinese dissidents have been jailed aftre Yahoo cooperated with China to disclose their details. A journalist working for a Chinese newspaper, Shi Tao, was sentenced to ten years in 2005. She was charged with “providing state secrets to foreign entities.” The secrets were in fact a short list of censorship orders that were sent via an anonymous Yahoo email account. Yahoo were asked to provide the email registration information, IP addresses, all login times and other email content, which they did.
130.  
131. Li Zhi was sentenced to eight years in prison in 2003, for criticising corruption and for trying to join the banned Democracy Pary of China. Yahoo also partly played a role in her capture by again providing account details.
132.  
133. In September 2003, Wang Xiaoning was sentenced to ten years in prison. Yahoo provided his account details to Chinese authorities. He was using his Yahoo account to publish pro-democracy articles online. His wife sued Yahoo in 2007, for supplying his private information. It was settled out of court.
134.  
135. FURTHER LINKS ON OTHER IMFORMATION OF INTEREST
136.  
137. http://www.aljazeera.com/news/2015/12/china-expel-french-journalist-uighur-report-151226141810827.html – French journalist had visa cancelled after reporting on repression of a group in China. (more to do with censorship)
138.  
139.  
140. http://qz.com/620076/beijing-is-banning-all-foreign-media-from-publishing-online-in-china/ - again, more to do with censorship than privacy
141.  
142. https://www.insideprivacy.com/category/international/china/
143.  
144. https://www.bluecoat.com/resources/cloud-governance-data-residency-sovereignty/china-data-privacy-laws
145.  
146. https://www.hg.org/article.asp?id=5340 very brief overview of privacy
147.  
148. https://cs.stanford.edu/people/eroberts/cs181/projects/communism-computing-china/privacy.html == explaining china approach or lack of it, towards privacy.
149.  
150.  
151. VPNS
152.  
153. - The Chinese use VPNs to access the normal internet in a severely censored country.
154. - Current law requires VPN users to register with MIIT (see top)
155. - Access to VPNs is now sometimes being blocked
156. - After the latest updates had been done to China's firewall (“The Great Firewall of China”), at least three VPN service providers had their services affected. They include Astrill, Strong VPN and Golden Frog.
157.  
158. Some further links to information:
159.  
160. http://www.usatoday.com/story/tech/2015/01/23/china-internet-vpn-google-facebook-twitter/22235707/
161.  
162. http://www.bbc.com/news/technology-30982198
163.  
164. http://www.gov.cn/xinwen/2015-12/28/content_5028407.htm
165.  
166.  
167.  
168. THE GREAT FIREWALL OF CHINA
169.  
170. This is somewhat unrelated to privacy, but due to censorship dominating the internet and filtering literally everything, I thought I would include some brief information about it anyway. Feel free to discard if you wish.
171.  
172. While some VPNs appear to have been blocked during updates, as mentioned above, others have reported that previously unsusable ones can now be accessed. This appears to be due to a serious vulnerability that has not been patched yet, despite being discovered in 2013.
173.  
174. Google cached sites were once used to access blocked sites, now they seem unreliable. However, users contine to find new ways around the blocks and scrutiny.
175.  
176. en.wikipedia.org/wiki/Internet_Censorship_in_China
177.  
178. One clever way of getting around censorship is steganography. If you haven't herad of it, it involves concealing a message within a hidden file. For example, a text doc, image, program, etc. Media files are often used due to their large size. To find the hidden message, a user may change the colour of every 50 or 100th pixel to correspond to a colour of the alphabet. It is likely to go undetected.
179.  
180. en.wikipedia.org/wiki/steganography
181.  
182. The Golden Shield Project (a part of the Great Firewall of China) is China's censorship program to monitor internet traffic.
183. - It is a censorship and surveillence project
184. - It was initiated in 1998, and began in November 2003
185. - It is operated by the Ministry of Public Security (MPS)
186. - It blocks unfavourable foreign content
187. - It is now used to attack foreign sites. One example was when it attacked Github, which caused it to shut down for 5 days.
188. https://www.google.se/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwit-eP2j8zMAhVCVhQKHVfVCLwQFggbMAA&url=http%3A%2F%2Farstechnica.com%2Fsecurity%2F2015%2F03%2Fmassive-denial-of-service-attack-on-github-tied-to-chinese-government%2F&usg=AFQjCNHeLlr6q1W2Uw1QysTLQ-iw72uOVQ&bvm=bv.121421273,d.bGs
189.  
190. Tor was blocked, also, and still is using http. But it is not blocked using https. However, almost all of its listed 3000 public relays are blocked. To counteract this and allow users access, tor uses non-public bridges. The Great Firewall of China are also targetting these.