China: National Cybersecurity Standardisation Technical Committee released guide on requirements for prevention and handling of new types of corruption on internet platforms

On 10 February 2026, the Secretariat of the National Cybersecurity Standardisation Technical Committee (TC260) released the cybersecurity standards practice guide on requirements for the prevention and handling of new types of corruption on internet platforms (TC260-PG-20263A). The guide specifies basic requirements, daily prevention requirements, and handling requirements for the prevention and handling of new-type corruption by internet platform personnel. The guide covers traffic manipulation, data fraud, privilege rent-seeking, and ranking fraud, and defines the relevant conduct as unlawful and non-compliant acts in which personnel use system permissions, data resources, and traffic resources to obtain improper benefits. It sets organisational and technical controls, including integrity rules covering data, traffic, and permissions, unified access control and regular permission review, reporting channels and feedback, and technical prevention and control using technologies including big data and artificial intelligence. It requires at least an annual business process review and audits covering high-risk scenarios including traffic allocation, access control and advertising placement, and provides for investigation and evidence collection, event classification by harm target and degree of harm, internal handling where the prosecution threshold is not met, and transfer with a complete evidence chain to public security authorities where the prosecution threshold is met.