Right to privacy / 隐私权
At its core, the right to privacy refers to freedom from undue interference in personal life, home and correspondence. UN and EU standards make clear that the right to privacy entails freedom from arbitrary and mass surveillance. Safeguarding privacy has become a challenging issue in the digital age, as both states and corporations collect and analyse significant amounts of data. Privacy is therefore closely intertwined with the protection of personal data, for which e.g., GDPR, and national laws create new frameworks.
Articles 39 and 40 of the PRC Constitution similarly forbid the unlawful search and intrusion of the homes and correspondence of Chinese citizens. China’s legal protection of personal data has been substantially expanded in recent years. Where discourse and legislation in liberal democracies has traditionally emphasised protection from the state, the focus in China is predominantly on protecting citizens from excessive collection and abuse of data by corporate actors. The state retains expansive rights to monitor and request data about its citizens under broadly defined public and national security prerogatives.
China’s new Civil Code (2021) and Personal Information Protection Law (2021) have strengthened the protection of personal rights and information in China. Companies or organisations that handle personal information now face stricter obligations to gain consent and inform individuals about the data they collect and how it may be processed.
Although privacy and security of personal data were highlighted in the 2021 White Paper on Human Rights Progress by the State Council, the acknowledgement of a right to privacy as a distinct individual right is largely absent from official documents. This has both political and linguistic roots. Under Mao’s collectivist regime, keeping things private was a matter of suspicion. The wider adoption of the term was also hampered by the fact that the Chinese term for privacy (隐私) is homonymous with the term for “shameful secret” (阴私).
The political and public approach changed in the era of reform and opening. In the 1990s and early 2000s, China’s government formulated the first data protection regulations. The following decades saw not only a growing protection of privacy rights through personal information and data security standards, but also an increasing use of the term in academic writing and public debates.
Today, privacy is a well-established term in China. This is closely linked to the wide-spread adaptation of digital technologies in daily life – from communication and travel to consumption and payment. In contrast to European norms, Chinese policy documents and legislation frame privacy and the protection of personal information primarily under information security and consumer rights and are largely directed at the private sector, not protection from state-led efforts to surveil the population.
State organs must comply with established standards in their collection and use of data. But China’s National Security Law, Cybersecurity Law and other legislation give the state wide remit to monitor public and online spaces. Corporate privacy statements generally include references that data can be shared with relevant agencies where it concerns public and national security. As platforms are legally required to provide online services only after real-name registration and identity verification, data can quickly be tied to individuals.
To build a peaceful China (平安中国), government policies since 2012 aim at expanding camera coverage, tracking physical movements and monitoring online expression to build a preventive, “multi-dimensional” system for safeguarding public security (立体化信息化社会治安防控体系) – and the political security of the Party State. Complementing previous surveillance initiatives that are now a core component of “smart” and “safe cities”, recent years have also seen a digital upgrading of mechanisms already established under Mao. This includes digitisation of personal files on citizens as well as the use of apps and hotlines to encourage mutual monitoring and reporting among the population. Progress in surveillance capacities has been on display in pandemic management, but also in minority areas such as Xinjiang.
Government efforts to use data for public and national security purposes are by no means exclusive to China. What sets the implementation of privacy in the PRC apart is the lack of institutional and public oversight through administrative and constitutional review procedures, a free press and civil rights organisations. This approach to privacy is not uncontested. From public and academic discussions to individual lawsuits and refusal of companies to hand-over data – China’s citizens are concerned about the protection of their privacy. Leaks of public databases and the abuse of China’s health code apps to prevent protests sparked renewed debates in 2022.
 For a detailed analysis of China’s state surveillance and its practical implications see: J. Chin and L. Lin, Surveillance State: Inside China’s Quest to Launch a New Era of Social Control, MacMillan, 2022.