That's difficult to believe.

That's difficult to believe.

China is very creative in its kind.

The written standard leaves space for interpretation by enforcement authorities whose interests and objectives may not align with the intent of the drafters...

There is a tension in which companies may be caught between a rock and hard place: at once needing to follow vague consent rules, while also being penalized if personal identity data is not maintained for users.

Chinese laws can be enacted, but enforcement is up to local interpretation. China is not a "Rule by Law" but a "Rule by Man" country. Local interpretation allows local authorities to tailor their response depending on the issue at hand, the person, and the perceived crime breached. This makes it difficult to read a Chinese law and somewhat understand it.

China encourages a good deal of "self-enforcement", where they heavily penalize a company for breaches, thereby encouraging competitors to self-correct in order to not be charged.

China collects vast amounts of data from private social media companies (company CEOs are CCP members) , semi-private/state run mobile companies and others. Their data collection is often used in Chinese courts as evidence to charge, convict and incarcerate people. I find it difficult to put together what I read from court evidence (official CCP press releases) and what I read about their info security legislation. Good intentions or mere propaganda?