Ministry of Industry and Information Technology, Measures for the Administration of Data Security in the Industry and Information Technology Sector (Trial Implementation) (Draft for Public Comments)

Main contents: A data processor in the industry and information technology sector shall submit its catalogue of important data and core data to the local competent industry and information technology department (industrial sector) or communications authority (telecommunications sector) or radio authority (radio sector) for the record. The content of such a record filing shall include but not be limited to data types, classification, size, processing purposes and methods, scope of use, responsible entity, external sharing, cross-border transfer, security protection measures and other basic information, but excluding the content of the data itself (Article 12).