Beijing: China on Friday proposed a four-tier classification to help respond to data security incidents, highlighting Beijing’s concerns over large-scale data leaks and hacking within its borders.
The contingency plan comes amid rising geopolitical tensions with the United States and its allies and follows an incident last year when a hacker claimed to have obtained the personal information of a billion Chinese people from Shanghai police.
China’s Ministry of Industry and Information Technology (MIIT) has published a detailed draft plan outlining how local governments and companies should assess and respond to incidents.
The plan, which is currently soliciting public opinion, proposes a four-tier, color-coded system based on the degree of harm caused to national security, the company’s online and information networks, or the operation of the economy.
According to the plan, incidents that cause losses of more than 1 billion yuan ($141 million) and affect personal information of more than 100 million people or “sensitive” information of more than 10 million people are considered “particularly serious.” ” will be classified as. On which a red alert should be issued.
The plan demands that in response to red and orange alerts, the companies involved and relevant local regulatory authorities must establish a 24-hour work rota to address the incident and notify MIIT about the data breach within ten minutes of the incident occurring. Will have to inform. Other solutions.
“If the incident is considered serious…it should be immediately reported to the local industry regulatory department, late reporting, false reporting, concealment or omission of reporting is not allowed,” MIIT said.