The Delegation from the People’s Republic of China

Position paper for the UN Security Council

The topic before the United Nations Security Council (UNSC) is the personal data violation. The
People’s Republic of China recognizes the need for strong international cooperation to monitor and
implement access to vital security, and it looks forward to discussing this topic at the upcoming
conference.

Personal data violation

The Principles on Personal Data Protection and Privacy set out a basic framework for the processing
of personal data by, or on behalf of, the United Nations System Organizations in carrying out their
mandated activities.

The principles aim to harmonize standards for the protection of personal data across the UN System;
facilitate the accountable processing of personal data; and ensure respect for the human rights and
fundamental freedoms of individuals, in particular the right to privacy. These Principles apply to
personal data, contained in any form, and processed in any manner. Where appropriate, they may
also be used as a benchmark for the processing of non-personal data, in a sensitive context that may
put certain individuals or groups of individuals at risk of harms.

The High-Level Committee on Management (HLCM) formally adopted the principles at its 36th
Meeting on 11 October 2018. The adoption followed the HLCM's decision at its 35th Meeting in April
2018 to engage with the UN Data Privacy Policy Group (UN PPG) in developing a set of high-level
principles on the cross-cutting issue of data privacy. Preceding the 36th HLCM meeting in October, the
Principles were developed and unanimously endorsed by the organizations represented on the UN
PPG.

Country Policy

The largest ride-hailing firm in China was fined RMB 8.026 billion (about $1.2 billion USD) on July 21,
2022, by the Cyberspace Administration of China ("CAC") for breaking many data protection rules,
including the Cybersecurity Law, Data Security Law, and Personal Information Protection Law.
Additionally, the company's CEO and president both received personal fines of RMB 1 million, or
around $150,000 USD.

The public announcement of the penalty decision is brief, but a CAC representative stated during a
press conference that the administration discovered a total of 16 infractions. This includes the unlawful
acquisition of vast amounts of data about passengers, such as screenshots from mobile device
albums, user clipboard and application list information, face recognition data, and age-related data.
The corporation also failed to correctly state the processing objectives for 19 distinct categories of
personal information, including user device information, according to the CAC.

According to the CAC spokesperson, these violations, which continuously violate the Personal
Information Protection Law effective since November 2021, the Data Security Law effective since
September 2021, and the Cybersecurity Law effective since June 2017, respectively, started in May
2015 and continue to this day.
In the future, the CAC representative stated that the CAC would continue to improve enforcement in
the areas of cybersecurity, data security, and personal data protection.

Possible Solutions

1. The West and Western technology corporations must do more to understand Chinese privacy rules.

2. We must accelerate the creation of worldwide privacy standards.

Methods enabled by technology

If we are worried about how privacy standards seem in China and how those norms may effect the
rest of the world, one thing is clear: China should not be treated in the same way as the United States
or the European Union. Companies, particularly those from the United States, abide by European
legislation out of concern about the loss of the European consumer market. But in China, this strategy
will fail.

We require a strong global community that is prepared to cooperate on challenging topics, such as
digital privacy rights. Not American technological superiority or European legislation, but rather
worldwide, multi-stakeholder activities that define the global ideals of privacy are what are required to
have an impact on the establishment of privacy standards in China. We have not seen many global
initiatives that include non-Western ideas on privacy. We will need more international collaboration to
successfully establish and sustain genuinely global privacy rules, both through regional, multinational
organizations like the Asia-Pacific Economic Cooperation and non-governmental organizations like the
United Nations. Codifying privacy rules can also be aided by effective trade policy.

Change offer in the document

(In cluster 3, as an addition) In order to develop and ensure the cyber security of the countries (main
focus is personal data), we firstly need to focus on how to solve vulnerabilities of cyber security system
of the government, fix it before any cyber-attacks. We should have a law or at least special article
related to working together related to the “union toward the cyber-attacks.”
 Strategies that support government oversight

In China, the emphasis on privacy is less on individual ownership of private information and more on
preserving one's reputation in society. Even though, China's large population makes it a tempting
market, the country is widely recognized for its restrictive Internet infrastructure. Protectionist trade
policies resulting from thousands of years of historical isolationism, as well as a recent history of
inequitable dealings with the West, have resulted in China developing its own thriving digital
technology industry, with homegrown companies that replicate and compete with Google, Facebook,
and others. Because Chinese enterprises do not require the European market, they do not need to
modify their procedures to comply with European privacy legislation.

Conclusion

Privacy and secrecy were not prioritized when developing the internet. Its primary goal was to raise
awareness rather than impose limits, and it has done an excellent job of doing so. However, as the
internet and digitalization progress, both consumers and policymakers are beginning to prioritize
anonymity. The people who manage personal information must take accountability for their actions
and take the appropriate precautions to protect the security of the data they handle.

Though the situation does not appear good, we have some anticipation that things will change for the
better in terms of privacy protection. Online accounts and the emergence of a digital society have
greatly increased the power of organizations that collect user data. It is crucial to maintain and ensure
the security of any stored personal data even when there are arguments in favor of collecting user
data. Our identities are the most priceless possessions we own. They are a certain kind of asset.