On 30 August 2024, the State Council of China approved the Network Data Security Management Regulation prepared by the Cyberspace Administration of China. The Regulation implements and further specifies the details of the Cybersecurity Law, Data Security Law, and Personal Information Protection Law (PIPL). Under the Regulation, data may be classified as general data, important data, or core data. In case data processors process the data of more than one million people, the Regulation foresees additional data protection requirements. Furthermore, in order to share or trade important data, as well as to entrust the processing of important data third parties, governmental auhorisation is required.
Original source