Tech policy / Privacy / Podcast: Want consumer privacy? Try China
Forget the idea that China doesn’t care about privacy—its citizens will soon have much greater consumer privacy protections than Americans.
The narrative in the US that the Chinese don’t care about data privacy is simply misguided. It’s true that the Chinese government has built a sophisticated surveillance apparatus (with the help of Western companies), and continues to spy on its citizenry.
But when it comes to what companies can do with people’s information, China is rapidly moving toward a data privacy regime that, in aligning with the European Union’s GDPR, is far more stringent than any federal law on the books in the US.
For the September/October issue of MIT Technology Review, senior reporter Karen Hao picks apart the common Western perceptions about how Chinese people think about data privacy. This week on Deep Tech, she joins our editor-in-chief, Gideon Lichfield, to discuss how consumers’ private data is protected in the world’s largest surveillance state.
Check out more episodes of Deep Tech here.
Show notes and links
Full episode transcript
Gideon Lichfield: You’ve probably got this notion in your head that if you live in China, there is no such thing as data privacy.
The government spies on everything you do. Your data can be used to create a social credit score—that’s like a measure of whether you’re a good citizen.
Now, during the coronavirus pandemic, you have to download an app called Health Code. It gives you a red, yellow or green code based on your data and it has to be green for you to get on a train, say, or enter a store.
Many countries have data protection laws. In Europe, there’s GDPR, that lets people decide what data is collected and kept about them. Other countries and some US states have been adopting their own versions. And the common view is that in China, giant tech companies like Alibaba can basically collect as much data as they want and people either don’t care or can’t do anything about it. But that’s a misperception.
The Chinese government does spy on people and is doing so more and more. But when it comes to how private companies use their data, Chinese citizens have actually been demanding more privacy. As a result, China’s been developing a pretty sophisticated data protection framework.
And during the pandemic, there’s been a very healthy debate among Chinese citizens on social media about just how much data the authorities should be able to collect for the sake of public health—and what they should be allowed to do with it.
Today on the show, I’m talking to our senior Artificial Intelligence reporter, Karen Hao. Her story in the latest issue of MIT Technology Review—our techno-nationalism issue—really picks apart the common Western perceptions about how Chinese people think about data privacy.
I’m Gideon Lichfield, Editor in chief of MIT Technology Review, and this is Deep Tech.
Anchor for China 24 News: Life was supposed to be full of wonder and hope for 18 year old Xu Yuyu. She was just admitted to Nanjing University of Posts and Telecommunications. However, one phone call put an end to her future.
Karen Hao: In the fall of 2016, in the coastal Chinese province of Shandong, a young woman named Xu Yuyu (徐玉玉, Xúyùyù) was celebrating her admission to college.
Xu came from a poor family. Only her father worked and he had a small income. And very few of Xu’s relatives had ever been able to go to college. But her parents had painstakingly saved for her tuition.
And Xu also applied for financial aid. And a few days later, she received a call saying she’d been awarded a scholarship. To collect the money, she needed to first deposit nearly 10,000 yuan, or fourteen-hundred dollars, into an account connected to the university.
She wired the funds to the given number. And that night, the family rushed to the police to report that they had been defrauded.
In a later recounting of the story, Xu’s father said his greatest regret was asking the police whether they might still recover their money. The answer—”likely not”—only exacerbated Xu’s devastation. And on the way home, Xu who was otherwise healthy collapsed from a heart attack. She died in a hospital two days later.
At a press conference, the Director of the Dept. of Student Affairs at Nanjing University said a scholarship call to Xu had never been made.
Sun Xiucheng [via China 24 News]: We didn’t know about this until the media reported. What we had was some basic information related to her performance in the college entrance exams. This doesn’t include her family conditions.
Karen Hao: The call had instead come from scammers who had paid off a hacker for her number, admissions status, and her request for financial aid.
For Chinese consumers who’d become all too familiar with their personal information being stolen, Xu became a symbol. Her case sparked a national outcry for greater data privacy protections.
Gideon Lichfield: So Karen, where did this idea come from that the Chinese just don’t care about data privacy?
Karen Hao: Yeah, so I think there is a grain of truth in that, at one point when comparing US consumers with Chinese consumers, perhaps the US consumers did care more than Chinese consumers. But I think part of that is because each country had their own respective cycles of technology development.
So if you think about our cycle in the US, when we first started having tech companies in tech services, we were actually pretty happy with the idea of giving up some of our data privacy in exchange for that convenience.
And it wasn’t until tech giants became really big and powerful and we started having data breaches that we then realized that data privacy is actually something we should care about and something we should be advocating for. So I think China is undergoing that same cycle.
Gideon Lichfield: But for Western tech companies like Facebook, this belief that the Chinese don’t care about privacy has actually been kind of convenient, hasn’t it?
Karen Hao: Oh, definitely. I think the most infamous example of this is in 2018 when Mark Zuckerberg testified to the Senate after the Cambridge Analytica scandal.
Mark Zuckerberg [via CSPAN coverage of his 2018 Senate testimony]: We still need to make it so that American companies can innovate in those areas or else we’re going to fall behind Chinese competitors and others around the world.
Karen Hao: He’s literally saying to regulators, don’t clamp down on us too hard for privacy invasive technologies like face recognition because American companies still need to innovate in these areas to outcompete Chinese companies.
Gideon Lichfield: In July, the CEOs of Apple, Amazon, Google, and Facebook all gave testimony in the US Senate. And we heard some of these themes come up again, didn’t we?
Karen Hao: Yeah. Again, Mark Zuckerberg. If you look at his written remarks, he said, don’t regulate us too hard because we need to compete with Chinese companies. And these latest hearings weren’t necessarily focused on data privacy this time. But this narrative continues that if the US government is too hard on US tech giants, They will be at a disadvantage because the Chinese government doesn’t restrict Chinese tech giants at all, in any regard.
Gideon Lichfield: So Karen, you’ve been to China on reporting trips. Have you had conversations with people there about data privacy? What sorts of things have you heard?
Karen Hao: Yeah. So from my conversations with people who live in China, I think there’s this growing sense of a loss of control. And honestly I think the conversations are pretty similar to the ones that we have in the US in that people are realizing and recognizing that their data is being used increasingly by tech giants in ways that they don’t really understand.
Like in the US we talk about how we often end up seeing ads that follow us around the internet. After we searched something on Google and in China, that’s what they’re talking about too. They use Baidu, that’s their search engine, and they’ll search something and suddenly have an ad pop up on a different app for the exact same thing. So they feel uncomfortable with that. Just like we feel uncomfortable with that.
Gideon Lichfield: And actually it was Western companies that helped China construct this surveillance state, right?
Karen Hao: Yeah. I mean, at the time, China really didn’t have very good technology infrastructure. So they actually had to rely on Western companies who had far more advanced technologies in this regard.
So it was companies like American conglomerate Cisco, Finnish telecom giant Nokia, Canada’s Nortel networks that were all enlisted to help work on different parts of the project. So these companies help build a nationwide database for storing information on all Chinese adults. And they developed a sophisticated system for controlling information flow on the internet, which eventually would become what we now know as the great firewall.
And conveniently, a lot of these technologies were basically standardized for state spying because the FBI had worked with the US government to pass the Communications Assistance for Law Enforcement Act in 1994 to help with their spying. And so many of these companies had updated their systems based on this law. And were now exporting these technologies to China to help build China’s digital state surveillance system.
Gideon Lichfield: So the infrastructure of this surveillance state starts to get built in 2000, but the crackdown, the censorship, all of that really takes off after Xi Jinping becomes president in 2013. So how…
Read full article