China: Adopted TC260 Data Classification and Grading Rules for Data Security Technology Rules (GB/T 43697-2024)

On 15 March 2024, the Chinese National Information Security Standardisation Technical Committee (TC260) adopted the Data Classification and Grading Rules for Data Security Technology Rules, as stipulated in the Data Security Law of the People's Republic of China. The rules aim to establish a data classification and hierarchical protection system, providing guidelines for identifying important data and core data involved and establishing corresponding data security protection measures. The rules follow the principles, framework, methods, and processes for data classification and grading, providing a general guide to various industries, regions, departments, and data processors to carry out data classification and grading work. The regulation does not apply to data involving state secrets and military data.