/cloudfront-us-east-2.images.arcpublishing.com/reuters/NSJBRCYKRRMY5OT2HHCAOICG74.jpg)
[ad_1]
People wearing protective masks look at their cell phones in a subway train, following new cases of coronavirus disease (COVID-19) in Beijing, China on December 25, 2020. REUTERS / Tingshu Wang
BEIJING, Sept.30 (Reuters) – China on Thursday released new draft measures to strengthen its new data security law, including definitions of what it considers “essential” and “important” data .
China implemented the Data Security Law on September 1, which requires all Chinese companies to classify the data they process into multiple categories and governs how that data is stored and transferred to other parties. .
But lawyers criticized its ambiguities, including its lack of data definitions.
Thursday’s draft measures detail three categories of data – ordinary data, important data and basic data.
The authorities describe ordinary data as data with minimal capacity to impact society as a whole, or which will affect a small number of individuals or businesses.
Important data is defined as data that poses a threat to China’s national and economic interests or impacts the rights of individuals and organizations, and has an “obvious cascading effect” across a range of industries. and businesses.
Basic data, on the other hand, is defined as data that poses a “serious threat” to China’s national and economic interests. The disruption of important data could cause “major damage”, leading to “large scale shutdowns” or “large scale network and service paralysis”.
The regulator adds that organizations can “self-assess” the security of ordinary data, but must conduct annual assessments at least once a year.
Organizations must also receive approval for the cross-border transfer of master data and important data through a special mechanism, according to the rules.
Data policy has become one of many areas that regulators have targeted in an ongoing industry crackdown that has unfolded over the past year. China’s Data Security Law builds on the Cyber ​​Security Law of 2017, which marked the first major set of rules governing the storage and transfer of data of Chinese origin.
Reporting by Brenda Goh, Yingzhi Yang, Yilei Sun and Josh Horwitz; edited by Jason Neely and Kim Coghill
Our standards: Thomson Reuters Trust Principles.
[ad_2]
