Something interesting is happening in China. That’s nearly always the case in general, but here I am referring to a specific development related to privacy. That development has been brewing for a number of years now, but it has persisted for long enough, and has risen recently to a level of intensity, that I am now beginning to consider seriously whether it may mean a long term or even permanent change in China, so far as privacy is concerned.

That development is a rising awareness among the general population in China of the need to protect personal information, and an increasing anxiety over the prospect of data breaches and their consequences. Right now it may be fair to say that this anxiety borders on outrage. Lately it has become easy to find examples of the expression of this attitude in the online domestic press. Here are just a few examples:

One recent incident tells the near-Kafkaesque story of Ms. Wu, whose family purchased a new home and started receiving an unending barrage of marketing calls each day from different home decoration companies immediately after the purchase. Wu had no idea how the home decoration companies obtained her telephone number. It’s also not clear how they knew that she was a new homeowner. “I don’t know what I am going to do!” said Wu, a resident of Chongqing. According to the article, Wu is not in the minority: 78.2 percent of China’s “netizens” have experienced leakages of their personal information, including names, educational history, residential address, national ID card number, and place of employment.

In March, a new regulation required users of courier delivery services to use their actual names (instead of pseudonyms) when filling out waybills for delivery packages. This may have led to actual harms from breaches of data security. On August 26, an employee of a major courier delivery services company was tried in court for selling passwords of the company’s information systems to others, resulting in a huge exposure of personal information. According to court documents, these sales took place repeatedly.

“Why are the poor always the ones who are most cruelly victimized by fraud?” cries the headline of an article published on September 1, 2016. The article tells the tragic story of Xu Yuyu, an 18-year old student about to commence university studies at Nanjing University of Posts and Telecommunications. Her mother was unable to work due to a disability, but her father, who worked odd jobs for three to four thousand RMB per month, was able to scrape together tuition of RMB9,900. However, the tuition money was lost when it was remitted to a fraudster who contacted the family and convinced them to send it to an account controlled by him. The fraudster could not have pulled this off without having access to significant personal information about Xu Yuyu. When the money was lost, Xu Yuyu became distraught, her heart stopped, and she died. Another student was victimized by a similar fraud shortly afterwards.

At the very beginning of this year, a group called the China Internet Security Sector Alliance was formed to address a “grim” Internet security situation in China.  According to a 2015 report on website security in China, 43.9 percent of all websites surveyed in 2015 had security vulnerabilities, and perhaps 5.5 billion items of personal information have been leaked per year by way of these vulnerabilities.

The articles quoted above tell the story of a Chinese populace that now is intently and anxiously aware of how its personal information is used. Will this new awareness seep into the underlying culture and affect China’s permanent cultural stances towards privacy?

This might portend a deep change in societal attitudes in China. In past years, when lecturing on the topic of privacy, I had been fond of explaining that what we in the West would call “privacy” is culturally so foreign in China that attitudes against it are embedded in the language itself.  For example, the term “self-centered,” when translated into Chinese, literally reads as “self-private (自私)”; and the term “to smuggle,” when translated, literally reads as “to walk private (走私)”.

Perhaps that is now changing. 

The articles quoted above tell the story of a Chinese populace that now is intently and anxiously aware of how its personal information is used. Will this new awareness seep into the underlying culture and affect China’s permanent cultural stances towards privacy? Granted, it might not. This new change in awareness appears to be “event driven,” because it comes in response to particular crimes and the financial and personal losses brought about by those crimes. Once the triggering event is resolved and fades in memory, or at least once the domestic media ceases to cover the event with the same focus, the new public awareness may fade as well.

The real answer is, who can say? The future is always contingent. 

But my own wager would be that a permanent change remains within the realm of possibility. Technology has led to the everyday reliance of ordinary Chinese on the internet, and in turn to the risks inherent in conveying personal information over the internet. That technology is not going to go away. For practical purposes, it is here to stay. As such, the risks will not go away either, and ordinary people in China now and forever after will have to worry about the prospect that their personal data may be abused some day.  That kind of permanent risk and permanent anxiety might just be the stuff of which permanent cultural changes are made.

Here is an interesting thought: We usually think of culture as being, like art and music, a “soft” factor that moves according to different rules and rhythms than do “hard” factors, such as economic forces, military power, legal institutions and technology. In this latter instance, a “hard” factor (crime, and the financial loss brought about by it) is giving rise to a change in a “soft” factor (societal attitudes and possibly even a cultural shift), which in turn is likely to give rise to a change in another “hard” factor (laws and regulations on digital security, and changes in enforcement policies). Could it be that “soft” and “hard” factors are more immediately intertwined than we usually assume, that they have close mutual influence on one another, and that “soft” factors are therefore actually harder than we think?

But more practically, expect to see continued, heightened awareness and anxiety in China about abuses of personal information as well as further rulemaking and strengthened enforcement policies in China to address them.

photo credit: Light River via photopin