China: Closed consultation on TC260 information security technology requirements for transfer of personal information based on individual requests

Description

Closed consultation on TC260 information security technology requirements for transfer of personal information based on individual requests

On 2 June 2024, the National Information Security Standardisation Technical Committee of China (TC260) closes the public consultation on the draft national standard titled "Information Security Technology Requirements for Transfer of Personal Information Based on Individual Requests". In particular, the draft includes definitions of terms related to personal information transfer, the scope of information eligible for transfer, conditions under which individuals can exercise their right to information transfer, and detailed processes for initiating a transfer request. Furthermore, the draft specifies that the data controller is required to ensure the secure transmission of the data and verify that it is transferred to the correct recipient. The data controllers are also required to inform data subjects if the recipient poses security risks or has an inferior data security system.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2024-04-03
in consultation

On 3 April 2024, the National Information Security Standardisation Technical Committee of China (TC…

2024-06-02
processing consultation

On 2 June 2024, the National Information Security Standardisation Technical Committee of China (TC2…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.