China's Personal Data Protection Law: Background, actors and text of the law

This thesis addresses the topic of cybersecurity in China. The first chapter outlines the historical background of China's opening to the web, the breadth of people who regularly access the web and the specific environments of smart cities, involving intensive use of web-connected technological devices that, in a very short time, have come to permeate every moment of citizens' lives. Censorship is then addressed, both by the authorities (through the Golden Shield Project) and by netizens, who often try to avoid repercussions by not posting contents that are potentially subversive. The second chapter focuses on cybersecurity concepts and presents the policies implemented in the European Union and China. Besides the laws themselves, the different actors involved in web management and security are presented. A section is dedicated to the hierarchy of bodies in charge of the entire infrastructure, which characterizes the Chinese approach to the issue. The third chapter focuses on the legislative text of the “Personal Information Protection Law” (个人信息保护法 Geren xinxi baohu fa, effective Nov. 1, 2021). This law is about how netizens' personal data should be handled so as not to harm their interests. I therefore propose my translation, also referring to the versions by LawInfoChina and Creemers and Webster (2021). Finally, the most crucial passages with respect to EU laws are highlighted and commented upon.