China: Consultation opened on Automobile Data Security Provisions including data protection requirements

On May 12th, the Cyberspace Administration of China (CAC) issued its draft Provisions on the Management of Automobile Data Security for public consultation until June 11th, 2021. Throught the provisions, the CAC aims to regulate the handling of of personal, important and very sensitive personal information (all defined within the draft) by operators of automobiles. The term operators applies in a broad sense as it includes designers, producers and service providers (e.g. dealers, insurers or software providers). The draft proposes various data protection obligations such as duty to "on device" processing, transparency and notice requirements as well as obligations concerning consent.