The Shanghai municipal government plans to release China’s first regional standards for the secure usage of blockchain technology, placing an especially strong emphasis on the protection of personal data.
On 9 September the Shanghai Information Security Testing Evaluation and Certification Centre (上海市信息安全测评认证中心) (SHTEC) released the draft version of its “General Standards for Blockchain Security Technology” (区块链技术安全通用规范（征求意见稿）) for the solicitation opinions from the public.
According to SHTEC the new Standards are for the purpose of “strengthening guidance and standardisation of blockchain technology,” as well as “driving the safe and orderly development of blockchain technology applications.”
The Standards place heavy emphasis on the protection of personal data, outlining work requirements in three areas in particular:
- Usage of mainstream signature methods to protect information confidentiality, including but not limited to blind signatures, ring signatures and group signatures;
- The provision of data transformation technology, including methods such as data encryption and the desensitisation of sensitive data, in order to transform sensitive data;
- Appropriate usage of sidechain technology to achieve protection of personal information, and placement of sensitive operational data of users on sidechains, as opposed to storage on open master chains.
The move from SHTEC arrives following the release of the “Blockchain Technology Financial Application Assessment Regulations” (区块链技术金融应用评估规则) by the Chinese central bank on 10 July, as well as the requirement that Chinese financial institutions regularly conduct external security assessments and undertake filing of blockchain technology applications.