China’s top Internet authority has flagged plans for its data protection regime to be differentiated on the basis of several distinct data categories.
On 14 November the Cyberspace Administration of China (CAC) issued the draft version of the “Internet Data Security Administrative Regulations” (网络数据安全管理条例(征求意见稿)) for the solicitation of opinions from the public.
The Regulations call for the establishment within China of a “category and grade-based data protection system,” which divides data into the three categories of “regular data” (一般数据), “important data” (重要数据) and “core data” (核心数据) depending upon its relevance for and impact upon national security, public interests, and the rights and interests of individuals and organisations.
Data will be subject to different levels of protection based on these categories, with “focused protection” applied to personal information and important data, and “strict protection” reserved for core data.
