Description

Adopted Network Data Security Management Regulation including data protection requirements

On 30 August 2024, the State Council of China approved the Network Data Security Management Regulation prepared by the Cyberspace Administration of China. The Regulation implements and further specifies the details of the Cybersecurity Law, Data Security Law, and Personal Information Protection Law (PIPL). Under the Regulation, data may be classified as general data, important data, or core data. In case data processors process the data of more than one million people, the Regulation foresees additional data protection requirements. Furthermore, in order to share or trade important data, as well as to entrust the processing of important data third parties, governmental auhorisation is required.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
central government

Complete timeline of this policy change

Hide details
2021-11-14
under deliberation

On 14 November 2021, the Draft Regulations on the Administration of Network Data Security have been…

2021-11-14
in consultation

On 14 November 2021, the public consultation opened for the Draft Regulations on the Administration…

2021-12-13
processing consultation

On 13 December 2021, the public consultation opened for the Draft Regulations on the Administration…

2024-08-30
adopted

On 30 August 2024, the State Council of China approved the Network Data Security Management Regulat…

2025-01-01
in force

On 1 January 2025, the Network Data Security Management Regulation enters into force. The Regulatio…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.