China: National Cybersecurity Standardisation Technical Committee closes consultation on draft standard on personal information protection requirements for minors' products and services

On 27 September 2025, the Secretariat of the National Cybersecurity Standardisation Technical Committee (TC260) closes the public consultation on the draft national standard titled Data Security Technology: Personal Information Protection Requirements for Minors' Products and Services. The draft standard, developed under the coordination of the Cyberspace Administration of China (CAC), sets out graded requirements for the protection of personal information in products and services directed at or accessible by minors. It establishes three protection levels, basic, enhanced interactivity, and age-appropriate optimisation, and defines technical and organisational measures concerning user identification, guardian control mechanisms, biometric data, automated decision-making, generative artificial intelligence, and compliance auditing. The standard applies to developers, operators, auditors, and guardians involved in the processing of personal information of individuals under 18 years of age and references normative documents such as GB/T 35273, GB/T 45574—2025, and GB/T 42574—2023.