China's MIIT requires security assessment before data is sent overseas
Published: Dec 14, 2022 02:11 AM
Photo: VCG

Photo: VCG

China's Ministry of Industry and Information Technology (MIIT) issued trial regulations for industrial and information data security on Tuesday, which require important data in key areas to undergo a safety assessment before being provided overseas.

According to the regulations, which are effective from January 1, 2023, vital and core data collected and generated by industrial and information data processors in China should be stored within the country if required by laws and administrative regulations.

Data that needs to be provided overseas should undergo security assessment in accordance with laws and regulations.

The regulations say that the MIIT will handle requests from foreign industrial, telecommunications and law enforcement agencies in accordance with relevant laws, international treaties and agreements, and the principles of equality and reciprocity.

Without the approval of the MIIT, industrial and information data processors may not provide vital and core industrial and information data to foreign agencies, according to the regulations.

The vital and core data includes anything relevant to China's political, territorial, military, economic, scientific, technological, cyber, ecological, resource, and nuclear security, and anything that might impact China's overseas interests and national security.

Those who violate the regulations will be given administrative punishments and prosecuted for crimi-nal responsibility if the act constitutes a crime.

China has been stepping up efforts to accelerate the implementation of regulations and standards tar-geting data in key sectors in a bid to strengthen data security.

According to the Data Security Law which took effect in 2021, if core state data is mishandled or na-tional sovereignty is endangered, a fine of up to 10 million yuan may be issued and a business license may be suspended or revoked.