The Basic Requirements for the Security of Generative Artificial Intelligence Services

Recently, the National Information Security Standardization Technical Committee (“TC260“) issued the Basic Requirements for Security of Generative Artificial Intelligence Services (Draft for Soliciting Opinions) (“Draft Requirements“).[1]This is China’s first national standard that specifically puts forward specific security requirements

On the 7 July 2022, the Cyberspace Administration of China (“CAC“) promulgated the Measures for the Security Assessment of Outbound Data Transfers (“Measures“), which are due to take effect on 1 September 2022.

The Measures contain 20 Articles that we have grouped into the following 11 themes:

  1. Purpose and scope –

Background

On 1 November 2021, the Personal Information Protection Law of the People’s Republic of China (“PIPL”) took effect and became the first Chinese law dedicated to protecting the personal information rights of individuals. However,     due to a lack of implementation regulations and clarity, many companies face a situation where they are

On 7 July 2022, the Cyberspace Administration of China (“CAC“) issued the Measures for the Security Assessment of  Outbound Data Transfers (“Measures“), which will take effect on 1 September 2022. The Measures underwent three rounds of public consultation in 2017, 2019 and 2021 before they were finalised.

In its final form,

REGULATIONS

CAC seeks comments on revising Administrative Measures for Internet Information Services

On January 8, 2021, the Cyberspace Administration of China (“CAC”) issued the Administrative Measures for Internet Information Services (Revised Draft for Comments) (the “Draft for Comment”) for public comments by February 7, 2021.

The Draft for Comment applies 

REGULATIONS

CAC seeks comments on scope of necessary personal information required for 38 types of Apps

On December 1, 2020, the Cyberspace Administration of China (“CAC”) issued the Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications (Draft for Comment) (the “Draft for Comment”) for public comments

REGULATIONS

NISSTC issued the Guidelines for Data Security of Online Car-booking Services (Draft for Comment)

On November 10, 2020, the Secretariat of the National Information Security Standardization Technical Committee (“NISSTC”) issued the Information Security Technology – Guidelines for Data Security of Online Car-booking Services (Draft for Comment) (the “Draft”) for public comments by January 8,

REGULATIONS

MIIT launches 2020 program of checking cyber security in telecommunications and internet industries

On October 9, 2020, the Ministry of Industry and Information Technology (“MIIT”) issued the Circular on Working Effectively on the 2020 Program of Checking the Cyber Security in the Telecommunications and Internet Industries (the “Circular”).

The Circular 

REGULATIONS

The Chinese side proposes a Global Initiative on Data Security

On September 8, 2020, Foreign Minister Wang Yi delivered a keynote speech at a high-level meeting of an international seminar themed with “Seizing Digital Opportunities for Cooperation and Development” and proposed a Global Initiative on Data Security (“Initiative”). The Initiative mainly includes

The Ministry of Commerce launches pilot program on security management for cross border data transfer

On August 14, 2020, the Ministry of Commerce (“MOC”) issued the Master Plan for Comprehensively Deepening the Pilot Program on Innovative Development of Trade in Services (“Plan”), covering 28 provinces and municipalities directly under the Central