On 31 Dec. 2021, the National Information Security Standardization Technical Committee issued the “Cybersecurity Practices Guidelines – Guidelines for Categorization and Classification of Network Data” (hereinafter “the Guidelines”, 网络安全标准实践指南——网络数据分类分级指引).
The Guidelines lays out the principles, the framework, and the methods of categorization and classification of network data in accordance with China’s network data-related laws, regulations and policies.
In terms of the categorization, the Guidelines provides different categories of classification such as individual citizen, public administration, information dissemination, industry sector, and organization operation.
In terms of the classification, the Data Security Law classifies data into three levels – general data, important data, and core data – based on their degrees of impact on national security, public interests or the legitimate rights and interests of individuals or organizations once the data is sabotaged, destroyed, leaked, illegally accessed or used.
Cover Photo by Bernd Dittrich on Unsplash
Contributors: CJO Staff Contributors Team