China: National Information Security Standardisation Technical Committee adopted guidelines on data security requirements for academic and scientific service platforms including data localisation requirements

On 16 September 2025, the National Information Security Standardisation Technical Committee (TC260) released the cybersecurity standard practice guidelines – data security requirements for academic and scientific service platforms. The guidelines require public and non-public academic and scientific data to be stored separately, and non-public data collected or generated within the territory of the People’s Republic of China to be stored domestically. Storage of such data must use access controls and encryption, and deletion policies must ensure secure erasure and physical destruction of media containing non-public data and personal information.