China: State Administration for Market Regulation and Standardisation Administration adopted 6 cybersecurity national standards (Announcement No. 6 of 2025)

On 28 March 2025, the State Administration for Market Regulation and the Standardisation Administration of China issued the National Standard Announcement (No. 6 of 2025), approving 6 national cybersecurity standards developed under the supervision of the National Information Security Standardisation Technical Committee (TC260). The standards are scheduled to enter into force on 1 October 2025. They address a range of cybersecurity and data governance issues. These include technical specifications for operational security management products (GB/T 45409-2025), capability requirements for data security assessment institutions (GB/T 45389-2025), and security requirements for automated decision-making based on personal information (GB/T 45392-2025). The set also covers security requirements for the processing of government data (GB/T 45396-2025), requirements for internal personal information protection supervisory bodies in large internet enterprises (GB/T 45404-2025), and security technical requirements for programmable logic controllers (GB/T 45406-2025).