On December 2, 2025, the National Standardization Administration of China (SAC) released a new mandatory national standard, GB 46864-2025 Data security technology – Technical requirements for information sanitization of electronic products. The standard will take effect on 1 January 2027.

The standard specifies the basic requirements, functional requirements, and procedural requirements for information sanitization (or erasure) of electronic products. It applies to electronic products with non-volatile storage media that are manufactured and sold within China.

Additionally, it applies to electronic product manufacturers, third parties engaged in developing information erasure functions for electronic products, and recycling operators performing information erasure on second-hand electronic products. This document does not apply to electronic products used for processing national secrets; such products shall be handled in accordance with the relevant national confidentiality regulations.

The core objectives of the standard centers on thorough data erasure, aiming to protect users’ personal information. The scope of data or information erasure includes files, applications, and system settings, while excluding cloud backups or pre-installed data. Two erasure methods are stipulated – data overwrite and block erase. Electronic product manufacturers are required to provide built-in information erasure function to users. If built-in erasure functions are not feasible, the manufacturers must either provide external erasure tools, recommend specific third-party tools, or offer free information erasure service. Users must be clearly informed of the scope, method, and potential impacts of information erasure, and erasure operations shall only be performed with users’ informed consent.

Similar requirements are imposed on recycling operators. Second-hand electronic products may only be sold or transported out of the China after undergoing qualified information erasure in compliance with the provisions of this standard. Recycling operators are required to document the information erasure operations and results for second-hand electronic products, with such records being retained for a minimum of 3 years. Furthermore, they must establish management systems and basic measures for information erasure, designate responsible personnel, formulate relevant management systems and operating procedures, and provide technical support for inquiries and traceability related to the erasure status.

This standard was proposed by the Cyberspace Administration of China (CAC) to implement Action Plan for Promoting Large-Scale Equipment Renewal and Consumer Goods Trade-Ins. SAC/TC260(Cybersecurity) was responsible for its drafting. Upon entry into force, CAC will assume jurisdiction over the implementation and enforcement of this mandatory standard. If you need more information about this mandatory standard, please feel free to contact us via email at any time (assistant@sesec.eu).

Source: https://www.cac.gov.cn/2025-12/13/c_1767269721368254.htm