China: Automobile Data Security Provisions including data residency obligations issued

On 20 August 2021, the Cyberspace Administration of China (CAC), together with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security and the Ministry of Transport, jointly issued the Provisions on the Security Management of Automobile Data (Trial). Many of the provisions of the draft have been preserved, including the principle of data retention, which applies specifically to important data. Under this principle, important data, defined as information that is relevant to the public interest and national security, such as geographic information or data on military zones, must be stored within China. Furthermore, personal information is to be protected fully through means of consent by and notification of individuals. The provisions also prescribe a security assessment procedure when data must be transferred overseas for business purposes. The Provisions will enter into force on October 1st.