China Legal Update – Septemper 19, 2023

1. FDI: Further liberalization of foreign investment in China on the way

On August 13, the State Council released the Opinions on Further Optimizing Foreign Investment Environment and Intensifying Efforts to Attract Foreign Investments (the “Opinions”).

The Opinions focuses on quality of foreign investment utilization, national treatment of foreign-invested enterprises, protection of foreign investment, facilitation of investment and operation, financial support, ways to promote foreign investment. More detailed local measures await the implementation.

The Opinions aim to liberalize foreign investment in “key areas” , such as accelerating the implementation of foreign investment projects in biopharmaceutical fields, supporting foreign invested enterprises and various vocational colleges and institutions to carry out vocational education and training in fields such as advanced manufacturing, modern services, and digital economy. In the future, foreign investors will be welcomed to invest in such key areas.

Also, the Opinions stated that there will be more pilot areas for share transfer in equity investment and venture capital investment, in order to boost investors’ confidence.

Some pilot areas will be opened up for telecommunication services, such as domestic Internet virtual private network business (with a foreign equity ratio of no more than 50%), information service business (Apps stores only, excluding online publishing services), and Internet access service business (Internet access services for users only).

To facilitate the operations, foreign staff’s entry/exit and stay(residence) will be eased. A green tunnel will be established for qualified foreign-invested enterprises to speed up the efficiency of the evaluation process of important data and personal information outbound security assessment.

2. Cyber security: Better Control of Facial Recognition Technology in China

On August 8, Cyberspace Administration of China (“CAC”) issued the Management Regulations draft of planning to restrict businesses’ use of facial recognition technology (the “Draft”), seeking for public comments.

Before the Draft is issued, scattered laws and regulations are currently applied for the use of facial recognition technology:

1. Personal Information Protection Law (PIPL) restricting the use of facial data collected in public place;
2. Provisions of the Supreme Court on abuse of facial recognition information in which right of personality has been violated;
3. GB/T 35273-2020, GB/T 41819-2022 and GB/T 42574-2023 (to be implemented on Dec 01, 2023) stating security technological requirements on data storage and users’ consent.

The Draft consolidates the requirements of the above legal provisions and provides more details for compliance:

1. The Draft applies not only to the processors of facial information using facial recognition technology, but also to the providers of facial recognition technology products or services;
2. The Draft strictly limits the threshold for the use of technology to the extent necessary. Preferences should be given to non-biometric solutions when other non-biometric solutions are available.
3. It shall gain separate consent or written consent before use of technology, avoiding blanket consent. Separate consent shall be obtained for Using facial recognition technology to analyze sensitive personal information such as race, ethnicity, religious beliefs, health status, etc.
4. The Draft emphasizes the protection of privacy rights, prohibiting the use of this technology to install image capture and personal identification devices in places that may invade privacy such as hotel rooms, public bathrooms, etc.
5. The Draft states filing obligations for the first time for users of facial recognition technology in public places, and users of facial recognition technology that stores over 10000 individual’s facial information to conduct filing to the local Cyberspace Affairs department.