Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Bangkok Post
Bangkok Post
Business

China restricts industrial data exports to enhance data security

An employee works on the production line at Jingjin filter press factory in Dezhou, Shandong province, China on Aug 25, 2022. (Reuters photo)

China's industry ministry has passed new rules mandating that important industrial data be stored within the country, as Beijing expands its web of regulations governing data security in a drive to tighten control over domestic data.

"Important" and "core" industrial data collected and generated in mainland China should be kept within the country, while data that needs to be exported should undergo a security assessment, according to new regulations published by China's Ministry of Industry and Information Technology (MIIT) on Tuesday.

The new rules cover data produced in areas including industry, telecoms and radio waves as they fall under the purview of the MIIT. China's Data Security Law, which came into effect in September last year, requires each government body to supervise data security in their own realms.

The regulations also come at a time when data has become "the most active new factor of production" in the digital economy, and as data security risks become increasingly important in relation to national security, the MIIT said in a statement on Wednesday.

The industrial data regulation was first drafted in September last year, covering domestic data processing activities such as data collection and security risk monitoring.

Classifying data based on its importance is a concept mentioned in China's Data Security Law, even though "important data" still lacks an official definition.

Draft guidelines, published in January by the National Information Security Standardisation Technical Committee, defined "important data" as data that could harm national security and public interest if tampered with, damaged or leaked, but the document is still undergoing amendment.

Local government bodies should formulate important data catalogues for their industries, according to the new MIIT law.

In recent years China has ramped up its data security push, rolling out a network of laws and regulations that have significantly increased compliance costs for businesses.

A regulation governing cross-border data transfer came into effect in September this year, burdening a wide range of companies with a slew of paperwork that they need to submit to local offices of the Cyberspace Administration of China (CAC) if they seek to export data.

Documents needed include a self-assessment report that provides detailed information about the company seeking to export data, the recipient overseas and how they will handle the data.

Companies need to state in their application form the name of the data centre that will handle the information to be transferred, as well as the physical location and internet protocol addresses of the relevant server rooms in such a facility, according to the CAC.


Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.