On September 30, 2025, the European Union Chamber of Commerce in China (European Chamber) consolidated detailed comments and recommendations regarding the Measures on Data Security Management in the Energy Sector (Trial) (Draft for Comments) from its diverse membership within the energy sector. The feedback would submit to the National Energy Administration (NEA) in the name of the European Chamber. While supporting the regulation’s security objectives, the European Chamber calls for clearer definitions and implementation guidelines to ensure practical implementation.
The feedback identifies areas where enhanced clarity could facilitate smoother implementation. Key points raised concern the definitions within the draft measures. Members suggest further clarification on terms such as “energy industry data,” particularly regarding the scope of “consumption” activities and the entities classified as “energy industry data processors.” Furthermore, the European Chamber highlights the need for more precise criteria for classifying data into general, key, and core categories. It is recommended that terms like “a certain level of accuracy,” “a large scale,” and “a high level of coverage” be illustrated with practical examples or numerical thresholds to provide clearer guidance.
A central recommendation involves the formulation and publication of data classification catalogues. The European Chamber suggests that the NEA should be responsible for formulating and publishing standards for data classification and grading in the energy industry, key data catalogues for the energy industry, and the scope of general data in the energy industry. Similarly, it is proposed that provincial-level energy authorities publish regional catalogues. This transparency would aid companies, including foreign-invested enterprises, in accurately identifying key data, thereby ensuring compliance and reducing regulatory uncertainty. For foreign companies, clear catalogues are particularly crucial for managing necessary cross-border data transfers for global collaboration and R&D.
The submission also includes specific suggestions on several procedural articles. These include proposing an explicit obligation for data controllers to inform delegates when entrusted with processing key data. For cross-border data transfer rules, the feedback seeks clarification on the specific laws and assessment principles governing the process and proposes exploring streamlined “green channels” for eligible foreign-invested enterprises. Regarding core data flows, a suggestion was made to exempt transfers between affiliated small, medium and micro-sized enterprises to alleviate compliance burdens.
The European Chamber’s feedback aims to contribute to a robust, clear, and predictable regulatory framework for energy data security in China, supporting both security objectives and the continued growth and innovation of the energy sector.
