Compare with different regulatory event:
On 3 April 2024, China's National Information Security Standardization Technical Committee (TC260) published and opened a consultation until 2 June on the draft Data Security Specifications for Generative Artificial Intelligence Pre-training and Optimisation Training of Information Security Technology standard. The standard includes a series of cybersecurity requirements for pre-training and fine-tuning data, with timely alerts and disposal measures when risks are detected and security protection measures such as identity authentication, access control, encryption, and backups for the data. An emergency response mechanism should be established for data security incidents, enabling timely and effective handling, while data processing activities should be recorded to ensure auditability and traceability of critical operations. According to the standard, personal information in the data should only be used with consent or compliance with laws and regulations, and sensitive personal information requires separate consent or legal compliance before usage. Finally, data posing intellectual property infringement risks should not be used. Measures should be taken to reduce the possibility of generative AI generating security risk content, including filtering out identified risk samples. For fine-tuning data generated by generative AI, samples containing security risks should be filtered out before usage.
Original source