China Digital Economy - Monthly Policy Updates (October 2023)
The China-Britain Business Council will collaborate with LexisNexis as part of the working group programme to provide you the latest updates on the digital economy including case studies, insights, and analysis.
China Releases Draft National Standard “Guideline for Cybersecurity Insurance Application”
【2023-09-13】
On September 13, the National Information Security Standardization Technical Committee (NISSTC) released the national standard "Information Security Technology – Guideline for Cybersecurity Insurance Application (Exposure Draft)" (hereinafter referred to as the “Standard”) to seek public consultation.
The proposed Standard is designed to implement the provisions of the Cybersecurity Law, strengthen the regulation of cybersecurity risks, and proactively promote innovation and development in cybersecurity insurance and service models. It is also a response to the Opinions on Promoting the Standardized and Sound Development of Cybersecurity Insurance, jointly issued by the Ministry of Industry and Information Technology (MIIT) and the China Banking and Insurance Regulatory Commission (CBIRC), which calls for “establishing a system of standards covering the entire lifecycle of cybersecurity insurance services, defining the fundamental processes and general requirements for insurance underwriting, underwriting review, claims processing, and other essential components; researching and developing standards for quantifying cybersecurity risks within key sectors and industries before underwriting, and standardizing the cybersecurity risk assessment requirements”. Drawing on the international standards pertaining to cybersecurity insurance while taking into account the current status of the cybersecurity insurance industry and cybersecurity risk management practices in China, the draft Standard offers cybersecurity insurance guidelines tailored to China's national conditions, aiming to assist and guide organizations in addressing and managing risks through the utilization of cybersecurity insurance.
China Releases Draft Provisions on Regulating and Facilitating Cross-Border Data Flow
【2023-09-28】
On September 28, 2023, the Cyberspace Administration of China (CAC) released the Provisions on Regulating and Facilitating Cross-Border Data Flow (Exposure Draft) (the "draft Provisions") to seek public consultation. The eleven articles making up the draft Provisions primarily address the new conditions that trigger the security assessment obligation, the obligations for executing and record-filing of a Standard Contract for Outbound Cross-Border Transfer of Personal Information, and the obligation for personal information protection certification in cases of outbound data transfers.
Fujian Province Rolls out Provincial Implementation Plan for Accelerating the Market-Oriented Reform of Data as a Factor
【2023-09-19】
On September 19h, the Office of the Leading Group for the Development of “Digital Fujian” of Fujian Province unveiled the Implementation Plan for Accelerating the Market-Oriented Reform of Data as a Factor in Fujian Province (the “Plan”). This Plan extensively applies the guidelines established in the Opinions of the CPC Central Committee and the State Council on Building the Fundamental Systems for Data to Better Utilize the Role of Data as a Factor, aiming to promote the establishment of fundamental systems for data, unlocking its potential as a production factor, and accelerating the market-oriented reform in this sphere to support the robust growth of a digital economy.
The Plan sets clear objectives, including “nurturing 100 organizations that meet the standards outlined in the "Data Management Capability Maturity Assessment Model," creating 100 typical data application scenarios, and listing over 2,000 products on the Fujian Big Data Exchange by 2025”. It also outlines key tasks, such as exploring and developing a well-regulated and orderly market of data as a factor, building efficient and standardized data trading platforms, further developing a secure and efficient public data development system based on data classification, expanding diverse and innovative data application scenarios, and establishing a sound governance mechanism for data as a factor that is flexible and inclusive.