data_protection-280x300China’s consumer boom has also created a boom in trafficking in personal data. US business information firm Dun & Bradstreet reportedly was fined RMB1m and had four of its Chinese employees jailed earlier this year for buying the personal data of Chinese citizens.

Chinese prosecutors uncovered 30 cases of personal data theft, involving 57 suspects, in the first half of 2013. That’s a huge increase over the one case reported in the year-earlier same period.

In one high-profile case, China’s state-run TV broadcast a taped confession of a British fraud investigator who had been detained for obtaining personal information of Chinese citizens illegally.

His consultancy, ChinaWhys Co, specializes in risk mitigation in china and works with several multinationals, including  pharma giant GlaxoSmithKline, which also made the news a few months back in an extensive corruption investigation in China.

China is clearly starting to take the issue of data protection a lot more seriously than before, so western businesses operating in China need to be aware of the consequences of holding data on their consumer and employees.

According to Chinese prosecutors, around half of the cases arising in the first half of 2013 involved employees taking advantage of their position to sell customer data or to use customer data to promote their own products.

Thus, although an obligation to safeguard customer personal data is not directly an employment law matter, it can quickly become so.

Employers need to be extra vigilant with the customer data that they hold. Not only can the leakage of personal data cause significant embarrassment for the employer, but the possibility of being found liable for negligence should be avoided.

Australian international legal firm Herbert Smith Freehills has more information on this topic.