China to block ‘core’ industrial, telecoms data from leaving the country
- The Ministry of Industry and Information Technology has drafted new regulation to bar the transfer of crucial industrial and telecoms data outside China
- The ministry is now soliciting public feedback on the proposed regulation until the end of October
All businesses that handle industrial and telecoms data in China are required to categorise such information into “ordinary”, “important” and “core”, and report their data catalogue to the MIIT’s local branches, according to the draft regulation. Sharing data categorised as “important” to a foreign party requires a special review and approval process, while all “core” industrial and telecoms data are barred from leaving China under any circumstance.
Industrial data refers to information gathered and produced in sectors that include raw materials, machinery, consumer goods, electronics manufacturing, and software and information technology, according to the draft regulation. Telecoms data includes information gathered and produced from the broad communications network market.
The definition of what is “important” and “core” data is subjective, according to the draft regulation.
The MIIT is the country’s first regulator to release detailed rules under its jurisdiction, in line with the DSL that took effect on September 1. The law stipulates that data should be categorised based on their importance to the country’s development, with a “stricter management system” applied to “core” data.
Established in 2008 by China’s State Council, the MIIT assumed the functions of several previous ministries and offices. It is responsible for the administration of the country’s various industrial branches and growing information technology sector.
Under the MIIT’s proposed new regulation, data will be labelled as “important” if such information is likely to threaten China’s “politics, land, military, economy, culture, society, science and technology, cyberspace, ecosystem, resources and nuclear security”, or affect the country’s interests overseas and its data security in space, polar regions, deep sea and artificial intelligence.
Information will be considered “core” data if posing a “serious threat” to those same areas.
To further elaborate, the draft regulation states that data will be categorised as “important” if such information can affect “the development, production, operation and economic interests of industries”, including the telecoms sector. Data will be classified as “core” if the transfer of such information can significantly impact China’s major enterprises, information infrastructure and other important resources.
The MIIT’s proposed new regulation is expected to strengthen Beijing’s power to oversee cross-border flow of industrial and telecoms data.
The head office of an industrial conglomerate based in Europe, for example, would face hurdles in gaining access to data from its China-based facilities. An intermediary agency, such as an investment bank, law firm or consultancy in New York, would find it difficult to receive certain data from their clients on the mainland.
China’s DSL has left open specific definitions of national and economic security, people’s welfare and important public interest. Providing such details has been left to the country’s ministries and local governments.