China: Implemented MIIT emergency plan for data security incidents in field of industry and information technology including incident categorisation and response framework

On 1 November 2024, China’s Ministry of Industry and Information Technology’s (MIIT) emergency plan for data security incidents in the industrial and information technology field (trial) enters into force. The plan establishes a response framework for managing data security incidents within the industrial and information technology sectors. It aims to organise procedures for addressing data security incidents involving unauthorised data alterations, destruction, leaks, or misuse that may impact national security, public interests, or individual and organisational rights. Data security incidents are categorised into four levels, particularly significant, significant, relatively large, and general, based on the extent of their impact on national security, industrial networks, and economic stability. Each level specifies a corresponding response to mitigate potential harm. The plan also defines a multi-tiered response structure. The Cybersecurity and Informatisation Leadership Group of MIIT, under the National Data Security Work Coordination Mechanism, leads the unified command and coordination for particularly significant incidents. Local industry regulatory bodies are tasked with incident response within their jurisdictions, supported by data security emergency support agencies responsible for risk monitoring, prevention, and response actions. Data processors within the industrial and information technology sectors are required to develop internal emergency plans, which cover monitoring, prevention, and reporting obligations. A structured early warning system, categorised by red, orange, yellow, and blue levels, reflects the severity of data security risks, with coordination by MIIT.