Technology

China drafts new data measures, defines "core data"

Thursday's draft measures describe in detail three categories of data - ordinary data, important data, and core data.   | Photo Credit: Reuters

China published new draft measures on Thursday aimed at bolstering its new data security law, including definitions of what it considered "core" and "important" data.

(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

China implemented the Data Security Law on Sept. 1. which requires all companies in China to classify the data they handle into several categories and governs how such data is stored and transferred to other parties.

But lawyers have criticised its ambiguities including its lack of definitions for data.

Thursday's draft measures describe in detail three categories of data - ordinary data, important data, and core data.

The authorities describe ordinary data as data with a minimal ability to impact society at large, or that will affect a small number of individuals or enterprises.

Important data is defined as data that poses a threat to China's national and economic interests or impact the rights of individuals and organisations, and has an "obvious cascading effect" across a range of industries and enterprises.

Also Read | Global Internet freedom declines for 11th straight year, China emerges as worst abuser

Core data, meanwhile, is defined as data that poses a "serious threat" to China's national and economic interests. Disruption of important data could cause "major damage," leadingto "large-scale shutdowns," or "large-scale network and service paralysis."

The regulator adds that organizations may "self-assess" the security of ordinary data, but must conduct annual assessments at least once each year.

Organisations must also receive approval for cross-border transfer of core data and important data via a special mechanism, the rules state.

Data policy has become one of several areas regulators have targeted amid an ongoing crackdown on industry that has unfolded throughout the past year. China's data security law builds on the 2017 cybersecurity law, which marked the first major set of rules governing the storage and transfer of data of Chinese origin.


Our code of editorial values

Related Topics
This article is closed for comments.
Please Email the Editor

Printable version | Nov 30, 2021 9:33:45 PM | https://www.thehindu.com/sci-tech/technology/china-drafts-new-data-measures-defines-core-data/article36755013.ece

Next Story