China has drafted a contingency plan outlining how companies and authorities need to respond to data security incidents.
The plan proposes to classify any incident according to four colour-coded tiers, each based on the degree of harm inflicted upon national security, a company’s online and information network, or the running of the economy.
The plan comes amid Beijing’s push to tamp down national security risks and heightened concerns around large-scale data leaks and hacking within its borders.
Also on AF: Nasdaq-Listed China Shadow Bank Down 60% on Property Crisis Hit
It also comes amid increasing geopolitical tensions with the United States and its allies.
China’s Ministry of Industry and Information Technology (MIIT) published the detailed draft plan on Friday, laying out how local governments and companies should assess and respond to incidents.
Incidents that involve losses surpassing 1 billion yuan ($141 million) and affect the personal information of over 100 million people, or the “sensitive” information of over 10 million people, will be classed as “especially grave”, the plan proposed.
Such an incident would require a red warning to be issued, it added.
It further said that in response to red and orange warnings, the involved companies and relevant local regulatory authorities must establish a 24-hour work rota to address the incident.
MIIT must be notified of the data breach within ten minutes of the incident happening, the plan said, among other measures.
“If the incident is judged to be grave… it should be immediately reported to the local industry regulatory department, no late reporting, false reporting, concealment or omission of reporting is allowed,” MIIT said.
The plan, which is currently soliciting opinions from the public, follows an incident last year when a hacker claimed to have procured a trove of personal information on one billion Chinese from the Shanghai police.
- Reuters, with additional editing by Vishakha Saxena
Also read:
China Plans New Checks For Auditors, Accounting Firms
Notorious Hackers Seen Hitting US Arm of ICBC, China’s Top Bank
China’s Top Bank Paid Ransom After Cyber Attack, Gang Says
China Planning Ten-Fold Increase in Some Cyber Law Fines
China Plans Rules to Regulate Data Flows From Smart Cars
China’s Top Financial Data Provider, Wind, Cuts Foreign Access
China ‘Stolen Personal Data of 80% of Americans’ – The Hill