Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

China: TC260 requests comments on draft standard on security requirements for data transaction services

On August 25, 2023, the National Information Security Standardization Technical Committee (TC260) requested public comments on the draft Information Security Technology-Security Requirements for Data Transaction Service standard. The draft standard provides security requirements for data transaction participants, as well as transaction objects, platforms, and processes, and is applicable to data suppliers, data demanders, data trading venues, data vendors, and third-party professional service organizations.  

The draft standard outlines that it aims to standardize data transactions and details data security principles, among other things:

  • legal compliance principle;
  • principle of process controllability;
  • principle of classification; and
  • security principle.

More granularly, the draft standard outlines specific security requirements for different parties and transactions including data transaction participants, as well as transaction platforms and processes. Furthermore, the draft standard notes examples of prohibited transaction data.

Public comments can be submitted to [email protected] until October 24, 2023.

You can read the press release here and download the draft standard here, both only available in Chinese.