China’s plan to block export of ‘core’ data raises questions over implementation
- A draft regulation by the Ministry of Industry and Information Technology seeks to protect core domestic technology data from leaving China’s borders
- The proposed rules, which define data according to their level of importance, lack clarity, experts said
China’s latest efforts to retain certain technology data within its borders have raised questions over how private businesses should categorise their information to comply with the new guidelines.
The country’s Ministry of Industry and Information Technology (MIIT) released a draft regulation last week that seeks to block the export of core industrial and telecommunications data, marking China’s first regulatory attempt to draw up detailed rules under its sweeping Data Security Law rolled out this year.
Under the regulation, all businesses that handle such data are required to classify their information into three categories. The sharing of “important” data with foreign parties requires special government review and approval, while “core” information is strictly barred from leaving China. All relevant data, including those labelled “ordinary”, should be listed in a catalogue and reported to the MIIT’s local branches.
Core data is broadly defined as any information that concerns national and economic security, people’s welfare and important public interest, according to China’s Data Security Law, which was promulgated in June and came into force on September 1.
As such, much of the data handled by major state-owned enterprises, including business secrets, can be construed as “core”, according to Xia Hailong, lawyer at law firm Shanghai Shenlun.
“The export ban on core data can be understood as China’s new way of protecting key business secrets,” Xia said.