China: TC260 standard Basic Requirements for Security of Generative Artificial Intelligence Services of Cybersecurity Technology including data protection regulation enters into force

On 25 April 2025, the National Information Security Standardisation Technical Committee of China (TC260) adopted the national standard "Basic Requirements for Security of Generative Artificial Intelligence Services of Cybersecurity Technology". The standard requires providers to develop intellectual property management strategies to identify risks and to establish a reporting channel for infringements. Before using data for training purposes, providers are required to identify potential copyright infringement risks, especially for data containing literary, artistic, or scientific works. User agreements must address intellectual property risks, and strategies must be updated regularly. Finally, the standard requires providers to publish information on the intellectual property aspects of training data and to support third-party queries on data use.