China National Internet Information Office announced the data outbound security assessment method on Thursday (July 7), which stipulates that "key information infrastructure operators" must pass the security evaluation of the Internet Information Office to provide personal information to overseas.
According to the official website of the Internet Information Office, in addition to the key information infrastructure operators, the data processor who handles more than 1 million personal information, as well as a total of 100,000 to the overseas overseasData processing of personal information or 10,000 sensitive personal information must also abide by the above provisions.
The data outbound security assessment method also pointed out that data processors should start the data outbound risk self -assessment before declared data outbound security assessment, focusing on several matters, including the purpose of data outbound and overseas receiving party processing data.; The scale, scope, type, and sensitivity of outbound data, data outbound may have risks brought by national security, public interests, individuals or organizations' legitimate rights and interests.
The Wall Street Journal quoted legal experts that the data outbound security assessment method that will take effect on September 1 may increase the compliance cost of the enterprise and promote more multinational companies to store data in China in ChinaEssenceThese regulations were issued after a draft released in October last year, and the procedures for data outbound and overseas receiving party processing data generated in China have clearly expired.
The Chinese online car giant Didi Chuxing went to the United States for two days at the end of June last year, and was reviewed by the China National Internet Information Supervision Agency.Since then, national data security involved in Internet companies has been widely discussed in China.
