E-Commerce Draft Law Out for Comment
On December 27, the National People's Congress (NPC) released the E-Commerce Law (Draft for Comment) with a deadline of January 26, 2017.
The Draft Law applies to trade of products and services that takes place in China or involves a Chinese business and is facilitated through the Internet or other information networks. The Draft Law calls to improve E-commerce transactions and services, strengthen E-commerce transaction protection, and encourage cross-border E-commerce under regulatory measures. The law seeks to protect trade, data, market order, fair competition, and consumer rights.
It provides a comprehensive definition of the scope, rights, responsibilities and obligations for all E-commerce businesses. The Law applies to E-commerce operators as well as 3rd party operators and requires that all entities publish their business licenses on their homepage. Additionally, should an E-commerce operator or 3rd party platform decide to shut down its’ business, they must give 60 days or 90 days notice, respectively.
There are also strict requirements to save all product and service data as well as transaction data for no less than three years. The People’s Bank of China(PBOC) and the China Banking Regulatory Commission (CBRC) will supervise and manage electronic payments in order to ensure that E-payment service providers only accept real ID-based accounts.
The Law is broken down into several key areas:
Personal Information
Personal information, as defined in the Draft, includes name, ID number, address, contact number, location, bank accounts, transaction records, payments, logistics records and any other information that could be used to identify the user. All E-commerce data must be processed so that personal information and devices used are not identifiable. This data should also be provided to relevant government departments and the government will ensure that data remains secure. Businesses are only allowed to use and hold personal information for as long as the contract stipulates and should discard upon expiration.
IPR
Should an enterprise discover IPR infringements, 3rd party platforms must delete links and terminate all transactions and services.
Cross-border E-Commerce
The Draft Law defines cross-border E-Commerce as the import and export of products and services facilitated through the Internet or other information networks. Any entity conducting cross-border E-Commerce shall abide by Chinese laws and regulations regarding export & import supervision and management. They shall also accurately provide the National Export and Import Administration with data relevant to orders, logistics, payments, and trading. E-Commerce operators are also liable for protecting all personal information and business data that leaves the country and the state will establish mechanisms to provide the safe storage and exchange of cross-border business data.