Privacy vs Security：Explanation and description of information ethics in China and the West

Abstract

As exchanges between China and the West become increasingly close, some cultural cognitions have also emerged, such as the different definitions of ethics between Chinese and Europeans. We found that during the COVID-19 pandemic, the Chinese and European people's needs for a sense of security, their trust in the government, and their acceptance of information leaks were different to a certain extent.

So where do these differences in cognitive levels come from? Where should we look for the source? Below I will try to explain these phenomena from the perspective of social structure and legal system.

1.Diverging Paths to Data Protection

^[1]General Data Protection Regulation and Personal Information Protection Law

The European Union's General Data Protection Regulation, implemented in 2018, represents more than legislation – it embodies a cultural legacy. By granting individuals unprecedented control over their personal information, including rights to access, modify, and erase data, the GDPR codifies centuries of Western thought prioritizing individual sovereignty.

This bill emphasizes that personal information must be given priority, and to some extent, the protection of personal information is higher than the protection of local governments. The birth of this bill benefited from the liberal movement in Europe in the 19th century. Although some extreme ideas (such as "global ethics" and the denial of British colonialism) also emerged, the fact is that it did promote the birth of the General Data Protection Regulation（GDPR）[1]

China's Personal Information Protection Law, established three years later, which in 2021， presents an alternative vision. While similarly concerned with data security, the PIPL situates privacy within a broader ecosystem of social stability and national development. Imagine instead a communal living space where personal areas exist but are designed considering the household's overall needs. Individual privacy rights remain important, yet are consciously balanced against public welfare considerations.[2]

1.1 Different definitions of the ethical importance of personal information

Both bills point out the importance of personal information, but there is a subtle difference - context. For example, in China's PQIW, the protection of personal information does not apply to all scenarios. When the protected person commits an act that threatens national security and harms the public interest, the personal information protection mentioned in the bill will no longer apply to him. The ruling on the user's personal behavior in the GDOR does not conflict with the Personal Information Protection Law, which will actually affect the two regions at the social level. In most densely populated cities in China, cameras of varying sizes are installed, and the supervision power of the cameras and the right to collect information belong to the government - because this is beneficial to public safety and social order, it falls within the reasonable scope of the bill, while in Europe this behavior is regarded as extremely harmful to the interests of the people, which comes from the different definitions of government power by the people.

1.2 The Nuances of Consent

Although both bills mention the importance of "user consent", the implementation methods of Europe and China are completely different. The European bill is similar to a detailed agreement, which aims to give every user the right to fully understand, revoke, destroy and upload. Commercial companies must strictly follow the procedures of the bill, provide users with detailed explanations of the purpose of information, and let every user know where their information goes at any time, so that individuals can firmly grasp their digital footprints and protect the security of personal information.

China's interpretation gives the law greater flexibility. Although personal consent and knowledge are important for the use of information, it is interesting that the Privacy Protection Law can circumvent this law to a certain extent when serving emergency situations, public safety or national interests. This means that from a cultural perspective, China believes that privacy should not provide a breeding ground for hidden dangers, but rather that a certain degree of data sharing can bring stability and good news to society.

China's legal expression of information ethics stems from the new geopolitics (globalized social system). In previous history, China has obviously established an internal order to manage and restrict society. The emergence of the "Privacy Protection Law" is also the result of the constant collision between democracy and dictatorship in the past 100 years. With the deepening of global geopoliticization, the public's definition of information ethics has come in the gap between individualism and collectivism.

^[2]1.3 Geographical Boundaries

The two bills each potentially express the priority of their extraterritorial nature. Europe's the General Data Protection Regulation（GDPR） states that this bill affects any company that processes the data of EU residents, regardless of where it is located. Through the international influence and involvement of European companies, these companies have brought this bill to the world while sailing with technology, slowly defining the EU's data regulations as international practices. For example, Somalia used various data protection mechanisms led by the EU in its 2009 cargo ship transshipment plan because most of the customers and destinations were from Europe.

China's Personal Information Protection Law（PIPL） similarly extends beyond its geographic boundaries but emphasizes different concerns, particularly regarding data localization and cross-border transfers. For example, they have added some additional regulations to constrain and regulate commercial companies in cross-border data transfer. Obviously, in terms of data sovereignty, Personal Information Protection Law（PIPL）highlights that the bill not only serves the protection of personal information, but also protects national interests.

2.Different cultural understandings

^[3]2.1 Different patterns caused by European and Chinese history

Europe has experienced the Enlightenment and the Liberal Movement, with representatives such as Locke and Kant. They prefer to give the right to decide on information ethics and personal privacy to the democratic system, and the residents themselves generally believe in the results under the democratic system rather than the bills proposed by the government. They pay more attention to personal privacy than the stability of the main structure of society. In other words, Europeans are unwilling to hand over their information, such as faces, fingerprints, and dates of birth, to the government's database. Of course, there are also some voices with Rousseauist visions, demanding the creation of a social system of publicity, transparency, and trust.

China has been permeated with Confucianism for thousands of years, such as the Analects published by Confucius (Confucius, The Analects (translated by Xueqin Li, People's Publishing House, 2005).[3] In a society led by Confucianism, "stability" is regarded as a very important criterion for evaluating the social system. Many fields and ideological practices need to give way to this word - such as personal privacy. To a certain extent, personal privacy is allowed to be sacrificed in order to maintain interpersonal or public interests. This further contributed to the birth of Personal Information Protection Law（PIPL）and the residents' tacit approval and partial recognition of this bill.

2.2 Philosophical foundations

Behind these legal frameworks are ancient philosophical traditions that continue to shape modern social thinking. Western notions of privacy are deeply influenced by Enlightenment thinking, which held that individuals are independent of society and have natural rights that governments must respect. This view holds that privacy is essential to an individual’s identity and freedom.

Traditional Chinese philosophy offers an alternative based on relationships. Confucianism emphasizes that human fulfillment comes from properly maintaining social ties: family, community, and state. In this context, privacy is not about isolating individuals, but about boundaries that help maintain the harmony of these relationships.

Cultural differences between countries are an important factor affecting privacy. In China, Confucius advocated a harmonious society; in the West, Enlightenment thinkers such as John Locke and Kant emphasized free will and individual rights. In the European Union, privacy is seen as a right that individuals can exercise on their own; in China, privacy is seen as a means to maintain social stability. In Asian societies, privacy is like ripples on the water. The closer you are to the center, the easier it is to access personal information. Conversely, the closer you are to the edge of the ripple, the more solid the boundaries feel.

Information Ethics in the Perspectives of Socrates, Kant, and Locke: Philosophical Foundations for the Digital Age

The Socratic Perspective: Ethics as Questioning and Self-Reflection

Though Socrates left no writings, he established through his Platonic dialogues that ethical reasoning requires critical questioning rather than dogmatic rules. Applied to information ethics, his approach emphasizes:

As Socrates said, “the unexamined life is not worth living,” he would likely have advocated constant scrutiny of how information technology shapes human behavior, autonomy, and truth.

Social media algorithms that amplify disinformation (e.g., Facebook’s use of personal data to spread political lies) would be critiqued in a Socratic dialogue: “Does this technology promote wisdom, or merely persuade?”

Unlike modern “checklist” data ethics (e.g., GDPR consent forms), Socrates would have prioritized the cultivation of arete (excellent character) in both technology designers and users. For example, he might ask AI developers who prioritize efficiency over justice: “What ‘good’ does your algorithm provide?”

Kant’s Deontology: Universal Moral Laws for Data

Immanuel Kant’s categorical imperative provides a rigorous and principled framework for information ethics.

Kant would criticize surveillance capitalism (e.g., Google’s use of personal data for advertising) because it treats users as mere data points rather than autonomous beings. His second formula, “Always act with humanity as an end, not a means,” directly challenges behavioral tracking.

Utilitarians might defend large-scale data collection for public safety (e.g., China’s health code system in response to the COVID-19 pandemic). However, even if data collection is “beneficial,” Kant would reject it if it infringes on individual autonomy.

Locke’s Natural Rights: Ownership, Consent, and Digital Freedom

John Locke’s theories of ownership and sovereignty can be powerfully applied to data ethics.

Locke’s labor theory (“what is mixed with labor is what is all there is”) suggests that individuals own their digital traces (e.g., location information, social media posts). This forms the basis for the “right to erasure” in the General Data Protection Regulation (GDPR) and the critique of data brokers who sell user profiles for free.

Locke’s social contract theory requires voluntary consent for governance. Applied to the tech world, he would denounce the coercive nature of “accept or reject” terms of service (e.g., Apple’s opaque data policy) and demand meaningful user autonomy.

These classic philosophies remain surprisingly relevant today: Socrates demands verification when modern ethics committees discuss “compliance”; Locke demands property rights when companies hide behind “user agreements”; and Kant demands moral consistency when governments rationalize mass surveillance as “necessary.” Taken together, these philosophies remind us that information ethics cannot be reduced to a list of laws, but must address timeless questions of human dignity, autonomy, and justice.

3.Trust Equation

There are fundamental differences in the allocation of trust across cultures when it comes to data management. The Western model places strict demands on corporate data controllers while maintaining an explicit skepticism of government data collection. The General Data Protection Regulation (GDPR) institutionalizes this through an independent regulator that is not subject to political influence.

China’s approach flips this allocation of trust on its head. It allows government agencies broad access to data when it is used for public purposes while maintaining strict restrictions on commercial data use. This reflects a cultural perspective that sees state actors as responsible stewards rather than inherent threats to individual privacy.

The concept of a “global ethics” in digital governance represents an ambitious framework that calls for the development of universal principles for data protection and online behavior. In this endeavor, however, we must recognize that ethical norms are not culturally neutral but rather emerge from specific historical, philosophical, and political contexts. As the GDPR versus PIPL opposition demonstrates, even concepts as basic as privacy have different characteristics across civilizations. Europe’s rights-based individualism contrasts with East Asia’s harmony-oriented collectivism. A true global ethic cannot be achieved through standardization, but requires cross-cultural dialogue to find common minimum standards while respecting diversity. The challenge is to strike a balance between protecting universal human dignity and maintaining legitimate cultural diversity, and to avoid the historical trap of "universal" values ​​simply codifying Western views. A true global ethic must be a dynamic process of negotiation rather than a set of predetermined rules.

The "global ethic" of pursuing digital privacy, while well-intentioned, risks becoming another form of cultural imperialism if it is implemented without taking local context into account. As a comparative analysis of the General Data Protection Regulation (GDPR) and the Protection of Privacy Rights Law (PIPL) shows, the concept of privacy is deeply rooted in cultural DNA, stemming from hundreds of years of philosophical development, historical experience, and social evolution. The European model emphasizes individual autonomy and institutional control, reflecting the values ​​formed by the Enlightenment in the process of resisting monarchical oppression. Similarly, China's collectivist ideas are rooted in the Confucian tradition, at the core of which is social harmony and national governance.

When Western countries enshrine regulations such as the General Data Protection Regulation (GDPR) as "global standards", they inadvertently imitate the colonial model, assuming that its cultural framework should be universally applicable. This dynamic is evident in recent trade negotiations. Asian countries’ demands for data localization are seen as protectionist rather than respected as an alternative governance model. The controversy over India’s data protection law, which has been criticized by Western observers for its “state-centric” provisions, has further highlighted this tension. Technological infrastructure is also becoming a battleground, as Western social media platforms’ content moderation policies conflict with local norms in Muslim-majority countries and Southeast Asian societies.

A truly global ethic does not mean simply extending Western paradigms. Instead, we need to build a framework that:

Identifies minimum universal protections (such as protection against data misuse) while leaving room for culture-specific implementations.

Japan’s concept of “trusted free flow of data” represents a promising middle ground, combining individual rights such as the General Data Protection Regulation (GDPR) with Asian ideals of institutional trust. Brazil’s Global Data Protection Regulation (LGPD) similarly blends European principles with local realities of digital inequality. These examples suggest that we need to rethink ethical universalism as a mosaic rather than a monolith, meaning that a shared concern for human dignity manifests itself in different ways in different cultural contexts. Imposing a single model alternative would make “global ethics” an oxymoron, just another vehicle for Western ideological dominance masquerading as universal values.

^[4]Conclusion

A comparative analysis of the GDPR and the IPPL shows that data protection is not a monolithic concept, but a cultural construct shaped by different historical, philosophical, and political traditions. While the GDPR protects individual autonomy as a fundamental right, the IPPL situates privacy protection within the broader framework of collective stability and national governance. These differences highlight the limitations of a single "global ethic" for data protection.

Rather than imposing uniform standards, we must prioritize pluralism, recognizing that ethical norms must be rooted in local contexts to remain relevant. True progress in global data governance will not come from top-down regulations, but from dialogues that identify common values ​​while respecting the diversity of civilizations. Ultimately, the most effective data protection frameworks are those that balance universal principles with cultural adaptability to ensure protection without erasing differences.