Security, data and counterfeits
Recent developments in China e-commerce
27 April 2017
The China e-commerce market has been booming in recent years. According to recent data, online sales reached RMB20.8 trillion last year. The success of e-commerce brings its own challenges, including regulation by multiple authorities, a new cyber security law and the ever-present danger of counterfeiting. This article looks at recent developments and what lies ahead in this fast-growing economy.
According to data published by the PRC Ministry of Commerce (“MOFCOM”), online sales in China reached RMB20.8 trillion last year, of which sales on the pure “e-tailing” side reached RMB3.88 trillion.
The regulatory landscape
Currently, multiple government authorities jointly regulate e-commerce activities in China. These include:
- the Cyber Administration of China (“CAC”);
- the PRC Ministry of Industry and Information Technology (“MIIT”);
- the State Administration for Industry and Commerce (“SIAC”);
- the General Administration of Quality Supervision Inspection and Quarantine (“AQSIQ”); and
- the General Administration of Customs (“Customs”).
Of these bodies, the CAC is first and foremost responsible for supervising information and content published online and coordinating with other governmental authorities in enforcing internet related policies.
SAIC and MOFCOM focus on regulating online trading and the e-commerce market while AQSIQ and Customs supervise cross-border e-commerce activities.
These PRC governmental authorities have between them issued dozens of notices and rules regulating different types of e-commerce activities, although the PRC central government has not yet issued a unified national law governing e-commerce.
The major notices and rules include:
- “Administration Measure for APP Information Service” issued by CAC in 2016;
- “Administrative Measure for Online Advertisements” issued by SAIC in 2016;
- “Administrative Measure for Online Trading” issued by SAIC in 2014;
- “Third Party E-commerce Platform Service Guidelines” issued by MOFCOM in 2011; and
- “Online Trading Service Guidelines” issued by MOFCOM in 2009.
It is anticipated that the PRC government will issue more rules to intensify the regulation of e-commerce activities, with online anti-counterfeiting, cyber security and the special regulation of healthcare industry thought to be top of the PRC government’s work programme.
The Chinese online market is known to be flooded with counterfeit and infringing products, something which causes brand owners significant worries.
Enforcement authorities find it is difficult to crack down on online infringing acts in China partly because of a lack of resources and capacity but also because the absence of physical premises makes it difficult to track down offenders.
One way for brand owners to curb infringing acts online is to work with third party online platform providers or internet service providers, who are required by the PRC laws and regulations to:
- close or suspend any infringing webpage upon receipt of an infringing warning notice from a right owner; and
- review the qualifications and information of online traders when they trade on a platform.
If the website operator fails to close or suspend an infringing webpage upon request, the online platform provider or internet service provider becomes jointly liable for the infringing act.
A greater sanction
In practice, however, the passive suspension of an infringing webpage may not effectively prevent the repetition of online infringing acts. The PRC courts however, seem more willing to deal with the issue, as shown in E-land International Fashion (Shanghai) Co v Zhejian Taobao Network Co Ltd and Du Guofa (E-land).
E-land, a clothing company, owned the exclusive rights to use certain registered trademarks in respect of its clothing products. Du Guofa was an individual who sold clothing through Taobao, an online commerce platform similar to eBay. The clothing sold by Du Guofa featured the registered marks over which E-land had exclusive rights.
Taobao deemed that it had satisfied its obligation by deleting the relevant infringing information and webpage upon E-Land’s notice.
The court held that E-land had filed a huge number of complaints to Taobao for infringing/counterfeit products sold on “www.taobao.com” since 2006.
During the period September to November 2009, E-land had filed 131, 261 complaints and 117,861 infringing links were deleted. From 23 February 2010 to 12 April 2010, E-Land filed 153,277 complaints and 124,742 links were deleted.
The Court ruled that an internet service provider will be jointly liable for the infringement if it fails to take appropriate steps to prevent the infringement. The number of complaints filed showed that Taobao was aware that merely deleting the infringing materials was not an effective way of dealing with the infringement and had failed to take adequate steps to do so.
The Court found that Taobao should have taken more effective and preventive measures rather than simply passively deleting infringing webpage upon E-land’s notice. The decision will encourage intellectual property owners to take a more proactive approach to notify and work with online platform providers or internet service providers to deal with online counterfeit issues.
Following the decision, the PRC government seems to be taking greater notice of the seriousness of online counterfeiting issues and is planning to crack down on counterfeits in areas such as public health and safety, including food and drugs, medical devices and cosmetics.
It will also extend its regulation to emerging online platforms and social media, such as apps, the cloud, and messaging services such as WeChat and micro-blogging services such as Weibo.
The PRC government published a draft of the PRC Cyber Security Law in July 2015, aiming at protecting network and online data security in China. The draft law is presently undergoing a second round of review in the National People’s Congress.
The draft law has caught wide public attention, as it provides that the operators of so-called “key information facilities” must store important data, including personal information, exclusively in China.
If, for legitimate business needs, the data needs to be transferred overseas, the data must go through a national security review. Although the draft law has defined “key information facilities”, it is still ambiguous about whether a network or particular set of data qualifies as “key information facilities” and is therefore subject to the restriction. This may open the way for the enforcement authorities to issue their own interpretations in individual cases.
The above requirement may raise concerns about cross-border data sharing and the free flow of data, and have an impact on current business models of companies which conduct business and collect online data within China.
These companies may need to consider where and how to store and process such data, where the servers of relevant networks should be located, and how to transfer and share data within group companies.
It is worth noting that in addition to the general regulations, the healthcare sector is subject to special regulation by the China Food and Drug Administration (“CFDA”).
A pharmaceutical company which wantsto sell or distribute pharmaceutical products or medical devices online in China is required to obtain the following special approvals or permits.
- If a company proposes to provide online information that relates to pharmaceutical products and/or medical devices, it should first obtain the Online Drug I Medical Device Information Service Certificate from the provincial-level FDA.
- Further, if a company proposes to sell or distribute pharmaceutical products and/or medical devices online (or it proposes to operate an online platform at which pharmaceutical products and/or medical devices could be sold), the company should obtain the Online Drug Trading ServiceCertificate from the provincial FDA, in addition to the Online Drug I Medical Device Information Service Certificate mentioned above.
There is an exception for online direct-to-consumer sales. As a pilot programme, the CFDA had been allowing direct sales of pharmaceutical products and medical devices to consumers over third party platforms since 2013.
Recently, however, the CFDA suspended this practice because of concern about the risks associated with the safety or quality of pharmaceutical products and medical devices sold online.
The CFDA appears not to have reached a final view about how best to regulate e-tailing in the healthcare sector. Pharmaceutical companies are eagerly waiting for the government to lift the ban in this respect.