If you didn’t find what you were looking for, try a new search!
On December 2, 2025, the National Standardization Administration of China (SAC) released a new mandatory national standard, GB 46864-2025 Data security technology – Technical requirements for information sanitization of electronic products. The standard will take effect on 1 January 2027. The standard specifies the basic requirements, functional requirements, and procedural requirements for information sanitization (or erasure) of electronic products. […]
In December 8, 2025, the National Energy Administration (NEA) issued the Measures on Data Security Management in the Energy Sector (Trial) (hereinafter referred to as the Measures), which are set to take effect on July 1, 2026 and will be valid for a period of five years. This regulatory framework represents a significant step in implementing China’s overarching Data Security Law within the […]
On October 31, 2025, the National Technical Committee 260 on Cybersecurity of SAC (TC260) released a recommended national standard draft titled Data Security Technology – Requirements for Data Security Protection (hereafter referred to as the Draft), which is open for public comments until December 30. The Draft sets forth principles, objectives and a framework for data security protection, specifying general […]
On September 16, 2025, the Secretariat of the National Technical Committee 260 on Cybersecurity of Standardization Administration of China (or TC 260) issued the National Standard System for Data Security (2025 Edition) and the National Standard System for Personal Information Protection (PIP) (2025 Edition). The release aims to strengthen the implementation of key laws and regulations, including the Cybersecurity […]
On April 25, 2025, China’s National Technical Committee on Cybersecurity of the Standardization Administration of China (SAC/TC260) released the national recommended standard, GB/T 45574-2025 Data security technology-Security requirements for processing of sensitive personal information (hereinafter referred to as the Standard). The Standard, taking effect in December 1, 2025, aims to guide and regulate personal information processors in […]
On February 12, 2025, the Cyberspace Administration of China (CAC) released the Administrative Measures for Compliance Audits on Personal Information Protection (hereinafter referred to as the Measures). These regulations will take effect on May 1, 2025. China’s Personal Information Protection Law and the Regulations on Network Data Security Management require personal information processors to regularly conduct compliance audits on personal information protection. […]
From January 26 to February 21, 2025, the National Cybersecurity Standardization Technical Committee (TC260) is soliciting public comments on the draft AI Security Standards System (V1.0) (hereinafter referred to as the “Standards System”). The Standards System was developed in response to the Global AI Governance Initiative and aims to support the implementation of the AI Security Governance Framework, which was released […]
The China Communications Standards Association (CCSA) has completed the draft for approval of the sector standard Guidelines for the Identification of Key Data in Industrial Fields (hereinafter referred to as the “Guidelines”). It is currently soliciting public comments on the draftit. The Guidelines outline the basic principles, processes, and considerations for industrial data processors to identify key […]
On March 22, the Cyberspace Administration of China (CAC) released the second edition of the “Guidelines for Applying for Cross-Border Data Transfer Security Assessment” and the “Guidelines for Applying for Filing of the Standard Contract for Cross-Border Transfer of Personal Information”. These guidelines aim to provide guidance to enterprises for ensuring data export compliance. China has recently introduced several […]
On February 26th, the Ministry of Industry and Information Technology of China unveiled the Implementation Plan for Improving Data Security Capabilities in the Industrial Sector (2024-2026) (hereinafter referred to as the Implementation Plan). This strategic initiative is crafted in response to evolving legislative and regulatory mandates concerning data security within the industrial domain. Structured into three core […]
