China: National Information Security Standardisation Technical Committee adopted standard on security requirements for data transaction services
Description
National Information Security Standardisation Technical Committee adopted standard on security requirements for data transaction services
On 2 December 2025, the National Information Security Standardisation Technical Committee (TC260) adopted the Standard Data Security Technology-Security Requirements for Data Transaction Services (GB/T 37932-2025). The standard sets out security requirements for data-transaction services covering participants, platforms, targets, and processes. It applies to data providers, data demanders, data-transaction institutions, data vendors, and third-party data-service institutions, and to authorities and assessment bodies responsible for supervising and evaluating the security of data-transaction services. The standard enters into force on 1 July 2026.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body