China: Ministry of Industry and Information Technology adopted measures to strengthen customer data security for internet data centers

On 13 January 2025, the Ministry of Industry and Information Technology (MIIT) adopted measures to enhance customer data security protection for Internet Data Centres (IDCs). The measures aim to ensure compliance with the Data Security Law and the Cybersecurity Law and focus on defining security responsibilities, improving institutional safeguards, and implementing tailored protections for customer data. Requirements include secure data processing, transmission and storage, as well as emergency preparedness and security of server hosting facilities. The MIIT also plans to develop data security standards and encourage third-party capability assessments to guide best practices.