The Ministry of Industry and Information Technology (MIIT) has urged smart automobile enterprises to establish and improve vehicle-generated data security management, with an emphasis on personal information and data protection.
In a document issued on Thursday, the MIIT stressed that personal information and important data collected and generated within the territory of China must be stored locally, in accordance with relevant laws, and shall pass a data exit security assessment if it is to be provided abroad.
The document said that enterprises should establish and improve automobile data security management systems and fulfill their data security protection obligations, implement data classification management, and strengthen the protection of personal information and important data.
It also urged companies to step up technical measures aimed at data protection, implement data security risk assessments, and report data security incident to the authorities in accordance with Chinese law.
The new policy comes amid China's push to tighten regulations to protect vehicle-generated data collected by electric vehicle makers. On May 12, the Cyberspace Administration of China (CAC) issued a draft rule for car companies to bolster the protection of consumer data.
According to the draft rule, vehicle operators should obtain the consent of users before collecting their personal information.
From September a, China will implement its Data Security Law, which will be applicable to data processing activities and security supervision within China's territory, to provide broad legal support for individual privacy and crucial data.