The manner in which China will regulate data security in the automotive industry has become much clearer.
On 20 August 2021, the Cyberspace Administration of China (the “CAC”), together with the National Development and Reform Commission, the Ministry of Industry and Information Technology (MIIT), the Ministry of Public Security, and the Ministry of Transport, jointly issued the Provisions on Management of Automotive Data Security (Trial) (“Management Provisions”), which will take effect on 1 October 2021.
The Management Provisions have made a number of changes to the previously circulated Provisions on the Management of Automotive Data Security (Draft) (the "Draft") which were issued by CAC in May 2021 for public comments. However, one thing that did not change is China’s clear intent that data security of the automotive industry will be strictly regulated.
The main update is that the Management Provisions adopt more accurate definitions and terms, and form a clearer framework regarding the protection and regulating of personal information and important data. Also it can be noted that the legislators have taken pains to have the Management Provisions be consistent with other laws such as Data Security Law.
This article highlights the key changes made in the Management Provisions.