China Tech loses its edge as data regulation laws bite
Last year, China made a quantum leap in data regulation by adopting two sets of national laws on data security and personal information protection. It is now in the process of churning out more guidelines to implement these ambitious new codes.
In contrast with the United States’ seeming hesitance when it comes to introducing an overarching data law, China’s legislative efforts struck many observers as bold and decisive. In fact, by introducing sweeping new measures to oversee algorithms and recommendations, China even appears one step ahead of the European Union.
Yet, having the strictest laws does not necessarily make China the world’s intellectual leader in data regulation. Without a clear understanding of the consequences of regulation, China’s aggressive intervention into the digital economy could lead to counterproductive effects.
Data is the lifeblood of the platform economy. Thus, any attempt to regulate how data should be collected, used and transferred can have a pervasive influence on the digital space.
China followed the EU in adopting the notice and consent approach to protecting consumer privacy. But this prevailing regulatory paradigm presents a paradox: it can be too little and too much at the same time.
On the one hand, even when consumers are allowed to opt-out of having their data collected and processed, most consumers either do not bother to do so, or are unaware of such options in the first place.
Meanwhile, smart big data analytics allows platforms to learn about consumer preferences without having to gain individual consent. This is why more and more scholars are calling for a rethink with regards to data regulation, arguing that data misuse should be regulated like pollution.
On the other hand, when consumers are given the choice of allowing their data to be collected and personalized, the vast majority simply opt-out, directly hurting the fundamentals of platform businesses.
Apple’s recent privacy updates offer a striking example. Since April last year, Apple has prompted its users to indicate whether they would like their activities to be tracked by the apps on their devices. Over 84% of iPhone users have reportedly chosen not to.
This has dealt a significant blow to online platforms, such as Facebook and Instagram, whose business models are built upon data collection, as well the small and medium-size merchants and advertisers who rely on Facebook operator Meta Platforms to target consumers.
When businesses pass down these new costs to consumers, either by charging consumers fees for accessing previously free apps or by imposing higher product prices, consumer interests can be harmed unexpectedly.
Indeed, while antitrust regulation usually involves extensive economic analyses to understand effects on consumers, data regulation does not generally require the same level of detailed examination. As a consequence, the benefits of data regulation, as opposed to its unintended consequences on consumers, are often poorly understood.
At the same time, data regulation is causing real damage to businesses. Innovative Chinese online platforms are now caught in limbo as they do not know whether their product interfaces are violating consumer privacy laws. The more they need to seek approval from regulators, the greater the extent to which government officials are becoming product managers themselves.
Since Beijing initiated a surprise cybersecurity review of Didi Chuxing, just two days after the company had gone public in New York, Chinese authorities have tightened rules on cross-border data transfers.
But many of those rules lack clarity. Chinese tech companies are unsure whether they are still allowed to raise capital overseas or make foreign acquisitions without running afoul of stringent cybersecurity measures.
Meanwhile, China’s audacious attempt to regulate algorithms could suppress the growth of its most creative internet companies, such as ByteDance, the parent of TikTok, which thrives on its recommendation engine. Despite well-justified critiques of surveillance capitalism, it is important to recognize that algorithms lie at the heart of innovation for consumer internet businesses.
The new legal restrictions on data collection adversely affect not only China’s soft technologies in consumer internet businesses but also its hard-core technology. China wants to become an AI superpower and has enjoyed clear advantages from possessing huge amounts of personal data. But China might now be losing a crucial edge as data collection and processing becomes more difficult.
As China curbs the influence of its tech monopolies through pervasive data regulation, it is fostering the rise of a mighty regulatory state which enjoys true monopoly power over law enforcement.
Few businesses have dared to challenge the regulators, given the lack of institutional checks and balances. Furthermore, China’s data regulations are enforced by a patchwork of regulators, many of whom possess wide discretionary administrative powers. Relentless competition among these authorities will lead to agency overreach.
Data regulation has driven Chinese tech companies into the unknown. Amid the loud calls to ramp up control over Big Tech in both the East and West, it is important to bear in mind the most rudimentary principle of regulation: first, do no harm.
Author: Angela Huyue Zhang, a law professor, is director of the Center for Chinese Law at the University of Hong Kong. She is the author of “Chinese Antitrust Exceptionalism: How the Rise of China Challenges Global Regulation”, NIKKEI Asia