China: 2025 Internet of Vehicles action plan including cybersecurity regulations enters into force

On 31 July 2025, enterprises subject to the 2025 Internet of Vehicles (IoV) action plan adopted by the Shanghai Municipal Communications Administration must complete the security classification filing for their vehicle networking platforms, infrastructure, and systems. This requirement applies to IoV service providers, including platform operators and intelligent connected vehicle manufacturers operating in Shanghai. The classification process must follow national standards such as the Cybersecurity Protection Requirements for Vehicle Networking Service Platforms and be registered with the municipal communications authority. Enterprises whose platforms are classified as Level 3 or higher must subsequently submit cybersecurity conformity assessments and risk evaluations within 30 working days of classification approval.