China: National Cybersecurity Standardisation Committee closes consultation on national standard on guidelines and evaluation methods for personal information anonymisation

On 26 October 2025, the National Cybersecurity Standardisation Committee closes the consultation on the national standard on guidelines and evaluation methods for personal information anonymisation. The standard applies to organisations processing personal data in China, including internet platforms, cloud providers, financial institutions, and research bodies. The standard sets out requirements for irreversible anonymisation, distinguishes anonymisation from pseudonymisation, prescribes technical methods including generalisation, suppression, randomisation, masking and synthetic data. The standard introduces evaluation criteria, including k-anonymity, l-diversity and t-closeness to mitigate re-identification risks, aiming to support compliance with the Personal Information Protection Law while enabling data use.