Draft regulations on data security management released by China’s central bank

China’s PBoC issued draft data security rules to enhance data control amid tensions. The draft rules aim to enhance data security, implement accountability, and manage data processing operations.

China Flag on the table

People’s Bank of China (PBoC) released draft rules on data security management for its own operations. This is Beijing’s response to strengthen its control over data usage and security amid increasing geopolitical tensions and growing privacy concerns. According to the draft rules, there will be a data security accountability system and disciplinary measures for breaches, aiming to manage all data processing operations.

Additionally, data collected by the PBoC within the country will be stored domestically if required by law. Data processors are also prohibited from dividing or minimizing data size to avoid undergoing official security inspections when exporting the data.

PBoC invites the public to comment on the proposed guidelines until 24 August. China introduced cross-border data review regulations, which mandate a security assessment for offshore data transfers deemed ‘important.’ This action resulted in uncertainty and apprehension among foreign financial companies conducting business within China.