Recently, the Cyberspace Administration of China (CAC), the National Development and Reform Commission (NDRC), the Ministry of Industry and Information Technology (MIIT), the Ministry of Public Security (MPS) and the Ministry of Transport (MOT) jointly released Certain Provisions for the Administration of Automobile Data Security (Trial), which will come into force in October 1, 2021.
 
Key messages are as follows:

• The Provisions advocates that automobile data processors adhere to the data processing principles of ‘in-automobile processing’, ‘no collection by default’, ‘application within accuracy range’, ‘data masking’, etc. when processing important automobile data, in an effort to reduce the disorderly collection and illegal abuse of automobile data.
• The Provisions emphasizes that when automobile data processors process important data, they should abide by the regulations on domestic data storage according to law and strengthen the security protection of important data; implement the requirements of the risk assessment report system and prevent data security risks; implement the requirements of the annual report system and report the annual automobile data security management situation on time. If it is necessary to provide important data overseas due to business needs, the automobile data processor shall adhere to the requirements of the data export security evaluation system, and shall not provide important data overseas in violation of the export security evaluation conclusions. Relevant information shall be included in the annual report.

If you need the translation of this document, please contact 

assistant@bestao-consulting.com