China Publishes New Regulation for Personal Data Security in the Courier Industry
Time 2 Minute Read
Categories: Information Security, International

On November 16, 2015, the Legislative Affairs Office of the State Council of the People's Republic of China published a draft Regulation for Couriers (the “Regulation”) and requested public comment on the Regulation. Interested parties have until mid-December 2015 to submit comments on the Regulation. The Regulation comes at a time when courier services and online shopping are growing steadily in China. Under the Regulation, the sender of a parcel will be required to fill in his or her real name and address, the telephone numbers of both the sender and the recipient, as well as the name, quantity and nature of the object being couriered.

The courier company would then be required to verify that information. The courier company also would be required to refuse orders with false information on the waybill. If a courier company fails to check the waybill or accepts parcels with false information on the waybill, it may be subject to a maximum fine of RMB 10,000 (approximately $1,586).

The Regulation also would require courier companies to regularly destroy waybills to protect client personal information. In addition, courier companies will be prohibited from illegally selling or leaking client personal information they collect in the course of providing services. In cases of actual or potential leakage, destruction or loss of client personal information, courier companies would be required to take immediate remedial measures and report the incident to the local postal administration authority.

A courier company that breaches the foregoing obligations may face administrative penalties including the issuance of a warning, confiscation of illegal income, a maximum fine of RMB 50,000 (approximately $7,840) and possibly even revocation of its operating license.

In addition, if a courier company opens parcels without permission, hides, destroys, sells or illegally inspects parcels, it will be subject to a maximum fine of RMB 200,000 (approximately $31,360). In exceptional circumstances, its operating license also may be revoked.

Tags: Accountability, China, Compliance, Consumer Protection, Personal Information
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 3 Minute Read
Oklahoma Enacts Comprehensive Consumer Privacy Law

On March 20, 2026, Oklahoma Governor Kevin Stitt signed SB 546 into law, enacting the Oklahoma Consumer Data Privacy Act, which will take effect on January 1, 2027.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
UK ICO Publishes Guidance on Recognized Legitimate Interest Basis

On March 23, 2026, the UK Information Commissioner's Office released new guidance clarifying the use of the new recognized legitimate interest lawful basis for processing personal information under UK data protection law.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Alabama Enacts App Store Accountability Act Requiring Age Verification

On February 5, 2026, Alabama Governor Kay Ivey signed Alabama House Bill 161, the App Store Accountability Act, establishing age categorization, age verification and parental consent requirements for mobile application marketplace providers operating in Alabama, effective January 2027.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page