Enterprise big data strategy and compliance

There is no time at which an enterprise is not required to access and use big data in its product research and development, precision marketing, customer service, order processing and production management. Big data is one of the core strategies of modern enterprises. The implementation of a big data strategy signifies that an enterprise must become a collector, processor and applier of data, but what runs in parallel to a big data strategy is information security and protection. Data collection, processing and application all touch upon the issue of compliance.

The Cybersecurity Law that entered into effect on 1 June 2017 and the subsequent complementary rules of such ministries/commissions as the Ministry of Industry and Information Technology and the Ministry of Public Security directly regulate the protection of personal information and clarify the principles and methods for, and the legal liability associated with, obtaining information. In fact, the protection of personal information is also provided for in the General Provisions of the Civil Code, the Criminal Law, relevant decisions of the National People’s Congress and judicial interpretations of the Supreme People’s Court.

Enterprise big data strategies and protection of personal information represent a clash of interests that needs to be balanced by the law and are factors that an enterprise must take into account in the course of creating its big data strategy.

Wu Weiming is a senior partner at AllBright Law Offices