fbpx

Type to search

China Drafts Contingency Plan for Data Security Incidents

The plan comes amid Beijing’s push to tamp down national security risks and heightened concerns around large-scale data leaks and hacking


Illustration photo of computer code on a screen above a Chinese flag
Illustration photo of computer code on a screen above a Chinese flag. Image: Reuters

 

China has drafted a contingency plan outlining how companies and authorities need to respond to data security incidents.

The plan proposes to classify any incident according to four colour-coded tiers, each based on the degree of harm inflicted upon national security, a company’s online and information network, or the running of the economy.

The plan comes amid Beijing’s push to tamp down national security risks and heightened concerns around large-scale data leaks and hacking within its borders.

 

Also on AF: Nasdaq-Listed China Shadow Bank Down 60% on Property Crisis Hit

 

It also comes amid increasing geopolitical tensions with the United States and its allies.

China’s Ministry of Industry and Information Technology (MIIT) published the detailed draft plan on Friday, laying out how local governments and companies should assess and respond to incidents.

Incidents that involve losses surpassing 1 billion yuan ($141 million) and affect the personal information of over 100 million people, or the “sensitive” information of over 10 million people, will be classed as “especially grave”, the plan proposed.

Such an incident would require a red warning to be issued, it added.

It further said that in response to red and orange warnings, the involved companies and relevant local regulatory authorities must establish a 24-hour work rota to address the incident.

MIIT must be notified of the data breach within ten minutes of the incident happening, the plan said, among other measures.

“If the incident is judged to be grave… it should be immediately reported to the local industry regulatory department, no late reporting, false reporting, concealment or omission of reporting is allowed,” MIIT said.

The plan, which is currently soliciting opinions from the public, follows an incident last year when a hacker claimed to have procured a trove of personal information on one billion Chinese from the Shanghai police.

 

  • Reuters, with additional editing by Vishakha Saxena

 

Also read:

China Plans New Checks For Auditors, Accounting Firms

Notorious Hackers Seen Hitting US Arm of ICBC, China’s Top Bank

China’s Top Bank Paid Ransom After Cyber Attack, Gang Says

China Planning Ten-Fold Increase in Some Cyber Law Fines

China Plans Rules to Regulate Data Flows From Smart Cars

China’s Top Financial Data Provider, Wind, Cuts Foreign Access

China ‘Stolen Personal Data of 80% of Americans’ – The Hill

 

 

Vishakha Saxena

Vishakha Saxena is the Multimedia and Social Media Editor at Asia Financial. She has worked as a digital journalist since 2013, and is an experienced writer and multimedia producer. As a trader and investor, she is keenly interested in new economy, emerging markets and the intersections of finance and society. You can write to her at [email protected]