Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
China: TC260 requests comments on draft standard on security requirements for data transaction services
On August 25, 2023, the National Information Security Standardization Technical Committee (TC260) requested public comments on the draft Information Security Technology-Security Requirements for Data Transaction Service standard. The draft standard provides security requirements for data transaction participants, as well as transaction objects, platforms, and processes, and is applicable to data suppliers, data demanders, data trading venues, data vendors, and third-party professional service organizations.
The draft standard outlines that it aims to standardize data transactions and details data security principles, among other things:
- legal compliance principle;
- principle of process controllability;
- principle of classification; and
- security principle.
More granularly, the draft standard outlines specific security requirements for different parties and transactions including data transaction participants, as well as transaction platforms and processes. Furthermore, the draft standard notes examples of prohibited transaction data.
Public comments can be submitted to [email protected] until October 24, 2023.
You can read the press release here and download the draft standard here, both only available in Chinese.