A draft document published by the Ministry of Public Security and the Cyberspace Administration of China proposes that Chinese citizens could use digital IDs to avoid providing explicit personal information to internet service providers, framing the idea as part of a strategy to protect personal information and enhance online identity verification.
The draft outlines two forms of cyberspace IDs: one as a series of letters and numbers, and the other as an online credential, both tied to an individual’s real-life identity without disclosing biographical information.
The draft document indicates the creation of a national platform for authenticating and issuing cyberspace IDs. Citizens can voluntarily apply for these IDs, which would eliminate the need to provide personal information when registering for online services.
The aim, according to the Ministry, is to reduce the excessive collection and retention of personal data by internet service providers. The draft sets guidelines for the application process, the issuance of cyberspace IDs, and the types of legitimate identity documents required. It also details data security and personal information protection obligations for the public service platform.
The draft emphasizes the principle of “minimum and necessity” regarding the personal information collected by the digital ID platform. It requires clear explanations, notifications, and data protection measures when handling users’ information.
Public feedback on the draft can be submitted through designated websites, email, or mail by August 25.
Manish Jain, principal research director at Info-Tech Research Group, analyzed China’s proposed Digital Identity policy for CSO, highlighting its potential impact on organizations serving Chinese consumers. Jain compared the policy to India’s Aadhaar system, suggesting it would bring similar benefits, such as improved user trust, reduced fraud, standardized KYC regulations, and lower data handling burdens for organizations.
However, Jain also pointed out several challenges. He compared the policy’s impact to Europe’s GDPR, noting it would affect business and operating models of consumer-facing organizations. Companies would need to budget for costs related to integrating digital IDs, comply with new regulations, and invest in infrastructure upgrades, training, privacy fortification, and legal risk management. Organizations might also be required to replace all personal identifiable information (PII) with the new National Digital ID credentials.
Jain added that China’s approach includes regulatory accountability by two existing bodies, which poses a risk of centralized data control. “This structure presents a risk of centralized data control by the Chinese government,” he explained.
This contrasts with systems in other countries, like India’s Aadhaar, governed by a separate statutory authority, or Australia’s Digital Transformation Agency, which mitigates risks of complete government control and fosters greater trust in digital ID systems.
Jain anticipated that, given the feedback deadline of August 25, China might implement the Digital ID by the end of 2024.
Sources: CSO, State Council Information Office
–
August 1, 2024 – by Cass Kennedy and Alex Perala
Related News
China Launches Network ID Platform as Digital Yuan Expansion Continues
Updated Council of Europe Guidelines Warns Against Biometric Voter ID
Australian Government Unveils ‘Trust Exchange’ for Digital ID Verification
Identity News Digest – July 25 2024
Experts Highlight Nuances of Anti-fraud Data Collection in Senate APRA Testimony
Identity News Digest – May 14, 2024
Follow Us