Core Viewpoint - The National Internet Information Office and the Ministry of Public Security have drafted the "Regulations on Personal Information Protection for Large Internet Platforms (Draft for Comments)" to regulate personal information processing activities and protect individual rights, with public feedback accepted until December 22, 2025 [1]. Group 1: Definition and Scope - Large internet platforms are defined based on criteria such as having over 50 million registered users or 10 million monthly active users, providing significant network services, and handling data that could impact national security and public welfare if compromised [5][6]. - The regulations apply to large internet platforms operating within the People's Republic of China, adhering to existing laws such as the Personal Information Protection Law and the Data Security Law [3]. Group 2: Responsibilities and Compliance - Large internet platform service providers must appoint a personal information protection officer from their management team, who must be a Chinese national with relevant expertise and at least five years of experience [2][7]. - Providers are required to store personal information collected within China domestically, with strict conditions for any data transferred abroad [11][12]. Group 3: Oversight and Accountability - The regulations mandate that the National Internet Information Office and relevant authorities will hold providers accountable for non-compliance, including criminal liability for serious violations [17]. - Providers must report information regarding their personal information protection officers and related organizational structures to the authorities [9][10]. Group 4: Public Participation and Feedback - The public can submit feedback on the draft regulations through various channels, including official websites and email [2].

Core Points - The National Internet Information Office and the Ministry of Public Security have drafted the "Regulations on Personal Information Protection for Large Internet Platforms (Draft for Public Consultation)" to standardize personal information processing activities and protect individual rights [1][4][20] - The draft is open for public feedback, aiming to promote healthy development of the platform economy while ensuring compliance with existing laws [1][4][20] Summary by Sections General Provisions - The regulations are designed to protect personal information rights and promote lawful and reasonable use of personal data [4] - Applicable to large internet platforms operating within the People's Republic of China, with specific criteria for identification based on user registration and active user metrics [6][4] Responsibilities of Large Internet Platforms - Platforms must adhere to principles of legality, necessity, and integrity in personal information processing, ensuring the protection of sensitive data and minors' information [6][4] - Platforms are required to appoint a personal information protection officer with relevant expertise and experience [5][6] Personal Information Protection Officer Duties - The officer must guide compliance with personal information processing regulations and participate in decision-making related to data handling [8][7] - They are responsible for monitoring data processing activities and reporting any significant risks or violations to relevant authorities [8][7] Data Storage and Management - Personal information collected within China must be stored domestically, with strict conditions for any data transferred abroad [11][12] - Data centers must meet specific criteria, including being located within China and having qualified management [12][11] Compliance and Auditing - Platforms are encouraged to conduct regular compliance audits and risk assessments, potentially involving third-party organizations [15][16] - In cases of significant data breaches or violations, platforms may be required to undergo external audits [16][17] Rights of Individuals - Individuals must be provided with easy methods to access, correct, or delete their personal information, and platforms must respond to such requests within specified timeframes [14][13] - Platforms can charge reasonable fees for repeated requests for data transfer [15][14] Reporting and Accountability - Platforms must report changes in their personal information protection officers and related structures within a specified timeframe [10][10] - Authorities will pursue accountability for any violations of these regulations, including potential criminal liability for severe breaches [18][18]

Core Viewpoint - The article discusses the public consultation on the draft regulations for personal information protection on large internet platforms, initiated by the National Internet Information Office and the Ministry of Public Security, aiming to standardize personal information processing activities and protect individual rights while promoting healthy platform economic development [1][3]. Summary by Sections Introduction - The draft regulations are based on existing laws such as the Personal Information Protection Law, Data Security Law, and Cybersecurity Law, and are intended to regulate personal information processing on large internet platforms [3][5]. Definition of Large Internet Platforms - Large internet platforms are identified based on criteria including having over 50 million registered users or 10 million monthly active users, providing significant network services, and handling data that could impact national security or public interest if compromised [6]. Responsibilities of Large Internet Platforms - Platforms must adhere to principles of legality, necessity, and integrity in processing personal information, appoint a dedicated personal information protection officer, and ensure the protection of sensitive and minor users' information [6][7]. Personal Information Protection Officer - The personal information protection officer must be a member of the management team, possess relevant expertise, and report directly to the National Internet Information Office and relevant authorities in case of significant risks or violations [7][8]. Data Storage Requirements - Personal information collected within China must be stored domestically, with strict conditions for any data that needs to be transferred abroad, ensuring compliance with national security regulations [9][10]. Compliance and Auditing - Large platforms are encouraged to conduct regular compliance audits and risk assessments, potentially involving third-party organizations, especially in cases of significant data breaches affecting over 1 million individuals [15][17]. Rights of Individuals - Individuals must be provided with easy methods to access, correct, or delete their personal information, and platforms are required to respond to such requests within specified timeframes [10][11]. Reporting and Accountability - Platforms must report any changes in their personal information protection structures and cooperate with authorities during audits and investigations [10][12]. Encouragement of Innovation - The regulations encourage platforms to innovate in personal information protection technologies and participate in the development of international standards [18][19]. Confidentiality and Security - All involved parties must maintain confidentiality regarding personal information and comply with national security laws when handling sensitive data [13][14].

Core Points - The National Internet Information Office and the Ministry of Public Security have released a draft regulation for public consultation regarding the protection of personal information on large online platforms [1] - The regulation aims to standardize the handling of personal information by large online platforms, protect the legal rights of individuals, and promote the healthy development of the platform economy [1] - The draft is based on several existing laws, including the Personal Information Protection Law, Data Security Law, Cybersecurity Law, and the Regulations on the Management of Network Data Security [1] Summary by Categories - **Regulatory Framework** - The draft regulation is a response to the need for a structured approach to personal information protection in the context of large online platforms [1] - It is aligned with multiple legal frameworks that govern data protection and cybersecurity in China [1] - **Objectives** - The primary goal is to protect individual rights related to personal information while ensuring the sustainable growth of the platform economy [1] - The regulation seeks to establish clear guidelines for the processing of personal information by large platforms [1] - **Public Consultation** - The authorities are currently seeking public opinions on the draft regulation, indicating a collaborative approach to policy-making [1]

Core Points - The article discusses the draft regulations for personal information protection on large online platforms in China, aimed at standardizing the handling of personal data and safeguarding individual rights [1] - The regulations are based on several existing laws, including the Personal Information Protection Law and the Data Security Law, indicating a comprehensive legal framework for data management [1] Group 1 - The National Internet Information Office and the Ministry of Public Security have initiated the draft regulations to promote healthy development in the platform economy [1] - The public is invited to provide feedback on the draft regulations through various channels, including official websites and email [1] - The deadline for submitting feedback is set for December 22, 2025, allowing ample time for public input [1]