Six state-owned bank branches in China found themselves in trouble last week after they were fined over infringements of consumer personal data rights, in a sign that the authorities fully intend new consumer protection laws to make an impact.

Four branches of China Construction Bank and one branch each belonging to Bank of China and Agricultural Bank of China were fined a combined total of 41.88m yuan ($6.3m) by China’s central bank, Caixin reported.

The People’s Bank of China (PBOC) said the fines had been imposed because the bank branches had failed to show sufficient awareness of consumer rights protections and had not put in place measures to safeguard customers’ financial information.

Although the fines appear relatively small, PBOC’s intervention reflects wider official moves to improve the legislative framework to protect personal data rights in the country following some well-publicised violations.

For example, PBOC has announced new measures, which will come into force from November 1st, requiring financial institutions to follow the principles of legality, fairness and necessity when processing personal information.

In addition, a legislative committee of the National People’s Congress has already launched a consultation exercise on a draft personal information protection law, which could become China’s first unified piece of legislation on the subject.

If approved, it is expected that the law would establish a set of rules for the handling of personal information with “inform and consent” as its core principle, while also setting down more stringent restrictions on the handling of sensitive data.

The measures are expected to help in the fight against criminality and follow a major crackdown in the eastern city of Huai’an last year, in which police discovered that a criminal gang had corrupted more than 40 employees of banks, courts and other organisations, who had been collecting and selling customers’ private information.

Sourced from Caixin