GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in-depth coverage of Lok Sabha and Assembly elections #ElectionsWithTheHindu

China drafts new data measures, defines "core data"

China's data security law builds on the 2017 cybersecurity law, which marked the first major set of rules governing the storage and transfer of data of Chinese origin.

September 30, 2021 06:10 pm | Updated 06:12 pm IST - BEIJING

Reuters
Thursday's draft measures describe in detail three categories of data - ordinary data, important data, and core data.

Thursday's draft measures describe in detail three categories of data - ordinary data, important data, and core data.

China published new draft measures on Thursday aimed at bolstering its new data security law, including definitions of what it considered "core" and "important" data.

(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

China implemented the Data Security Law on Sept. 1. which requires all companies in China to classify the data they handle into several categories and governs how such data is stored and transferred to other parties.

But lawyers have criticised its ambiguities including its lack of definitions for data.

Thursday's draft measures describe in detail three categories of data - ordinary data, important data, and core data.

The authorities describe ordinary data as data with a minimal ability to impact society at large, or that will affect a small number of individuals or enterprises.

Important data is defined as data that poses a threat to China's national and economic interests or impact the rights of individuals and organisations, and has an "obvious cascading effect" across a range of industries and enterprises.

Also Read | Global Internet freedom declines for 11th straight year, China emerges as worst abuser

Core data, meanwhile, is defined as data that poses a "serious threat" to China's national and economic interests. Disruption of important data could cause "major damage," leadingto "large-scale shutdowns," or "large-scale network and service paralysis."

The regulator adds that organizations may "self-assess" the security of ordinary data, but must conduct annual assessments at least once each year.

Organisations must also receive approval for cross-border transfer of core data and important data via a special mechanism, the rules state.

Data policy has become one of several areas regulators have targeted amid an ongoing crackdown on industry that has unfolded throughout the past year. China's data security law builds on the 2017 cybersecurity law, which marked the first major set of rules governing the storage and transfer of data of Chinese origin.

Related Topics

technology (general) / China / international law / data protection / Right to Privacy / emerging technologies / corporations

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.