注册    登录
关注
Py学习  »  Git

Digital Economy and Data Protection Newsletter(24.09)

TMT法律论坛 • 1 年前 • 200 次点击  

Click above|Follow us


Recently, in terms of cross-border data transfer, the Lingang New Area of the Shanghai Free Trade Zone released the first batch of scenario-based general data lists, promoting the establishment of a cross-border data management mechanism within the free trade zone. In industry governance, the Ministry of Natural Resources released a draft mandatory national standard on the security of spatiotemporal data sensing systems for intelligent connected vehicles, emphasizing national geographic information security. The Ministry of Industry and Information Technology (MIIT) issued implementation details for data security risk assessment, pioneering a data security risk assessment mechanism in the industrial and information sectors. In artificial intelligence governance, the National Information Security Standardization Technical Committee solicited opinions on the national standard for the basic requirements of AIGC service security, and the EU AI Act was approved by the European Council and will come into effect and be gradually implemented after its announcement.



HOTSPOT

HOTSPOT



Release of the General Data List for Cross-Border Scenarios in the Lingang New Area of the Shanghai Free Trade Zone


On May 17, 2024, the Lingang New Area Administrative Committee of the Shanghai Free Trade Zone (hereinafter referred to as the “Committee”) released the nation’s first batch of general data lists for cross-border scenarios. The initial general data list includes three fields: intelligent connected vehicles, public mutual funds, and biomedicine, covering 11 scenarios such as cross-national production and manufacturing of intelligent connected vehicles, clinical trials and R&D in biomedicine, and information sharing for fund market research, divided into 64 data categories and over 600 fields. The Committee also released guidelines for the general data filing operation. According to the "Classified Management Measures for Cross-Border Data Flow in the Lingang New Area (Trial)" released on February 8, data processors registered or engaged in cross-border data activities within the Lingang New Area can apply for registration with the Committee and can freely flow the general data under relevant management requirements.


Source: Lingang New Area Administrative Committee of the Shanghai Free Trade Zone




Public Solicitation for the Draft Mandatory National Standard "Basic Requirements for Spatiotemporal Data Sensing System Security of Intelligent Connected Vehicles"


On May 21, 2024, the Ministry of Natural Resources publicly released the "Basic Requirements for Spatiotemporal Data Sensing System Security of Intelligent Connected Vehicles (Draft for Comments)" and its "Compilation Instructions". The standard is a mandatory national standard, proposed by the Ministry of Natural Resources, intended for intelligent connected vehicles equipped with spatiotemporal data sensing systems that are sold to the public and operated within China. It does not apply to prototype or data collection vehicles in the automotive R&D process. The standard primarily focuses on the security of spatiotemporal data processing at the core stages of data collection, storage, and transmission outside the vehicle, and requires integrators of spatiotemporal data sensing systems in intelligent connected vehicles (i.e., applicants) to apply for safety testing of the sensing systems at state-recognized testing institutions.


Click here for further information.




Public Solicitation for the Draft National Standard "Basic Requirements for the Security of Generative Artificial Intelligence Services"


On May 23, 2024, the National Information Security Standardization Technical Committee publicly solicited opinions on the "Basic Requirements for the Security of Generative Artificial Intelligence Services (Draft for Comments)" (hereinafter referred to as the "Basic Requirements"), with the consultation period ending on July 22. The "Basic Requirements" continue the compliance framework of the previously effective technical document TC260-003 "Basic Requirements for the Security of Generative Artificial Intelligence Services" but make some adjustments to specific requirements and security assessment reference points and elevate its effectiveness to the level of recommended national standards. It is expected to become an important reference for security assessments conducted by generative artificial intelligence service providers upon official release.


Source: National Information Security Standardization Technical Committee



    Formal Approval of the "AI Act" by the European Council


    On May 21, 2024, the "Artificial Intelligence Act" (AI Act) was approved by the European Council, becoming a formal law, and will take effect 20 days after its publication in the official gazette. Except for certain specific provisions, the "AI Act" will be fully implemented two years after its effective date. The "AI Act" is the world’s first law to regulate AI using a risk-based approach: the higher the risk of harm to society, the stricter the regulatory rules for artificial intelligence. In addition, the "AI Act" also imposes additional requirements for the management of general-purpose artificial intelligence models with systemic risks, such as evaluation and reporting.


    According to the "AI Act", as long as the developers (deployers) or providers of relevant AI systems put the artificial intelligence systems on the EU market or use them within the EU, or the output results generated by the relevant AI systems are used within the EU, they must comply with the "AI Act", which will have an impact on the business of relevant Chinese outbound enterprises.


    Click here for further information.


      NEWSLETTER

      NEWSLETTER


      (Click on the source or copy the corresponding link to view the details)




      LEGISLATION

      1. The Standing Committee of the National People's Congress released the 2024 legislative work plan, arranging for the review of amendments to the "Cybersecurity Law"

        Source: Ministry of Justice

      2. The State Council Executive Meeting reviewed and approved the "Action Plan for the Digital Transformation of Manufacturing" and the "Fair Competition Review Regulations (Draft)"

        Source: MIIT

      3. The National Supervisory Commission and other departments jointly issued regulations on implementing the "International Criminal Judicial Assistance Law of the People's Republic of China", involving the export of criminal evidence data

        Source: Ministry of Justice(https://www.moj.gov.cn/pub/sfbgw/zwxxgk/fdzdgknr/fdzdgknrtzwj/202405/t20240511_498679.html)

      4. The Ministry of Industry and Information Technology (MIIT) issued the "Implementation Rules for Data Security Risk Assessment in the Industrial and Information Technology Fields (Trial)"

        Source: MIIT(https://www.miit.gov.cn/zwgk/zcwj/wjfb/tz/art/2024/art_414d957b786c4a549c37acd5c6e80c71.html)

      5. The Ministry of Natural Resources publicly solicited opinions on the draft mandatory national standard "Basic Requirements for the Security of Spatiotemporal Data Sensing Systems for Intelligent Connected Vehicles"

        Source: China Standard Information Service Network

      6. The National Information Security Standardization Technical Committee () publicly solicited opinions on the draft national standard "Network Security Technology Software Bill of Materials Data Format"

        Source: NISSTC

      7. The Cyberspace Administration of China issued the "Regulations on the Security Management of Internet Government Applications"

        Source: CAC

      8. MIIT and other departments issued the "Guidelines for Improving the Supply Chain Management Level of Manufacturing Enterprises (Trial)"

        Source: MIIT

      9. MIIT issued the "2024 Work Plan of the Industrial Internet Special Working Group"

        Source: MIIT

      10. The State Administration for Market Regulation issued the "Interim Provisions on the Prevention of Unfair Competition on the Internet"

        Source: State Administration for Market Regulation

      11. The State Administration for Market Regulation and other departments issued the "Guiding Opinions on Promoting the Standardized and Healthy Development of Online Auctions"

        Source: State Administration for Market Regulation

      12. The State Administration for Market Regulation publicly solicited opinions on the draft "Administrative Measures for the Restoration of Market Supervision Management Credit"

        Source: State Administration for Market Regulation

      13. The People's Bank of China and other departments issued the "Measures for the Management of Beneficial Owner Information"

        Source: The People's Bank

      14. The Ministry of Natural Resources and other departments issued the "Notice on Regulating the Use of Maps in Mobile Internet Applications"

        Source: Ministry of Natural Resources

      15. The National Information Security Standardization Technical Committee (NISSTC) publicly solicited opinions on the draft national standard "Basic Requirements for the Security of Generative Artificial Intelligence Services"

        Source: NISSTC

      16. The National Information Security Standardization Technical Committee (NISSTC) issued five recommended national standard plans for network security, including "Personal Information Protection Compliance Audit Requirements"

        Source: NISSTC

      17. MIIT publicly solicited opinions on three communication industry standards, including the "Guidelines for Identifying Important Data in the Industrial Sector" and "Data Security Protection Requirements for Industrial Enterprises"

        Source: MIIT(https://wap.miit.gov.cn/zwgk/wjgs/art/2024/art_16904fcec1654eda9638f2f384205afa.html)

      18. Shanghai revised and issued the "Shanghai Municipal Science and Technology Progress Regulations"

        Source: Shanghai Cyberspace administration

      19. Shandong Cyberspace Administration issued the "Guide to Filing Standard Contracts for the Export of Personal Information from Shandong Province (Second Edition)"

        Source: Shandong Cyberspace Administration

      20. Hebei Provincial Department of Industry and Information Technology issued the "Work Plan for Enhancing Data Security Capabilities in the Industrial Sector of Hebei Province (2024-2026)"

        Source: Hebei Provincial Department of Industry and Information Technology

      21. Hainan Provincial Department of Industry and Information Technology publicly solicited opinions on the draft "Hainan Free Trade Port Digital Economy Promotion Regulations"

        Source: Hainan Provincial Department of Industry and Information Technology

      22. Jiangsu Intellectual Property Office and other departments issued the "Guide to Responding to Intellectual Property Disputes at Overseas Exhibitions"

        Source: National Intellectual Property Administration


      INDUSTRY TRENDS

      1. The Lingang New Area of the Shanghai Free Trade Zone released the first batch of scenario-based general data lists for cross-border scenarios

        Source: Lingang New Area of the Shanghai Free Trade Zone

      2. China and the United States held the first intergovernmental dialogue on artificial intelligence

        Source: Global Times

      3. The Cyberspace Administration of China issued the fifteenth batch of domestic blockchain information service record numbers

        Source: CAC

      4. The China Meteorological Administration issued an implementation plan to accelerate the "Meteorological Data Elements ×" action

        Source: China Meteorological Administration (https://www.cma.gov.cn/2011xwzx/2011xqxxw/2011xqxyw/202405/t20240521_6282042.html)

      5. The State Administration for Market Regulation announced the top ten typical cases of intellectual property law enforcement in 2023

        Source: State Administration for Market Regulation

      6. Beijing Telecommunications Administration issued the "2024 Data Security Management Implementation Plan for the Telecommunications and Internet Industry in Beijing"

        Source: Beijing Telecommunications Administration

      7. Beijing Cyberspace Administration released the filed information of generative artificial intelligence services in Beijing on May 15

        Source: Beijing Cyberspace Administration

      8. Beijing Cyberspace Administration released the filed information of generative artificial intelligence services in Beijing on May 22

        Source: Beijing Cyberspace Administration

      9. Beijing Cyberspace Administration changed the consultation telephone number for cross-border data business

        Source: Beijing Cyberspace Administration

      10. Shanghai Cyberspace Administration held a compliance guidance meeting on personal information protection in coffee consumption scenarios

        Source: Shanghai Cyberspace Administration

      11. Shanghai Cyberspace Administration released the filed information of generative artificial intelligence services in Shanghai on May 13

        Source: Shanghai Cyberspace Administration

      12. Shanghai Cyberspace Administration released the filed information of generative artificial intelligence services in Shanghai on May 20

        Source: Shanghai Cyberspace Administration

      13. Shanghai Cyberspace Administration released the filed information of generative artificial intelligence services in Shanghai on May 21

        Source: Shanghai Cyberspace Administration

      14. Shanghai Cyberspace Administration changed the consultation telephone number for cross-border data business.

        Source: Shanghai Cyberspace Administration

      15. The Shanghai Municipal Market Regulation Bureau announced typical cases of trademark and patent administrative law enforcement in 2023

        Source: Shanghai Municipal Market Regulation Bureau

      16. Jiangsu Cyberspace Administration conducted a survey on the export situation of data in the province

        Source: Jiangsu Cyberspace Administration

      17. Chongqing Cyberspace Administration released cases of data export security assessments and standard contract filings

        Source: Chongqing Cyberspace Administration

      18. Anhui Telecommunications Administration issued a notice on the removal of an app that infringes on user rights

        Source: Anhui Telecommunications Administration

      19. A company in Nanchang was fined 100,000 yuan for the suspected theft of a large amount of data by foreign entities

        Source: Nanchang Cyberspace Administration


      OVERSEAS

      1. International

        1. Multiple countries signed a statement to establish thresholds for artificial intelligence risk assessment

          Source: DSIT of UK (https://www.gov.uk/government/news/new-commitmentto-deepen-work-on-severe-ai-risks-concludes-ai-seoul-summit)

        2. The European Commission announced the adoption of a framework convention on artificial intelligence and human rights, democracy, and the rule of law

          Source: European Commission(https://www.coe.int/en/web/portal/-/council-of-europe-adopts-first-international-treaty-on-artificial-intelligence)

      2. EU

        1. The European Council formally approved the "Artificial Intelligence Act"

          Source: European Council(https://www.consilium.europa.eu/en/press/press-releases/2024/05/21/artificial-intelligence-ai-act-council-gives-final-green-light-to-the-first-worldwide-rules-on-ai/)

        2. The EDPB released French and German versions of the "Data Protection Guide for Small Businesses"

          Source: EDPB(https://www.edpb.europa.eu/news/news/2024/edpb-launches-french-and-german-versions-its-data-protection-guide-small-business_en)

        3. The European Commission filed a formal lawsuit against Meta regarding the protection of minors under the DSA

          Source: European Commission

          (https://digital-strategy.ec.europa.eu/en/news/commission-opens-formal-proceedings-against-meta-under-digital-services-act-related-protection)

      3. UK

        1. The UK government enacted the "Automated Vehicles Act"

          Source: UK government(https://www.gov.uk/government/news/self-driving-vehicles-set-to-be-on-roads-by-2026-as-automated-vehicles-act-becomes-law)

        2. The UK's AI Safety Institute released a new AI safety evaluation platform

          Source: UK's AI Safety Institute(https://www.gov.uk/government/news/ai-safety-institute-releases-new-ai-safety-evaluations-platform)

        3. The UK Intellectual Property Office issued the 2024-2025 overall plan

          Source: UK Intellectual Property Office(https://www.gov.uk/government/publications/intellectual-property-office-corporate-plan-2024-to-2025/intellectual-property-office-corporate-plan-2024-to-2025)

        4. The UK's DSIT launched a public consultation on the code of practice for software vendors

          Source: DSIT of UK(https://www.gov.uk/government/calls-for-evidence/call-for-views-on-the-code-of-practice-for-software-vendors)

        5. The UK's NCSC updated its principles for machine learning security

          Source: NCSC(https://www.ncsc.gov.uk/blog-post/machine-learning-security-principles-updated)

      4. US

        1. The US CISA issued guidance on cybersecurity for civil society organizations

          Source: CISA(https://www.cisa.gov/news-events/alerts/2024/05/14/cisa-and-partners-release-guidance-civil-society-organizations-mitigating-cyber-threats-limited)

        2. The US FTC issued a blog on the collection of consumer car data

          Source: FTC(https://www.ftc.gov/policy/advocacy-research/tech-at-ftc/2024/05/cars-consumer-data-unlawful-collection-use)

      5. France: CNIL issued a public questionnaire on health data processing standards

        Source: CNIL(https://www.cnil.fr/fr/participez-la-concertation-sur-les-referentiels-sante-et-faites-connaitre-vos-priorites)

      6. Germany: DSK issued a position paper on the secondary use of genetic data in research

        Source: DSK(https://www.datenschutzkonferenz-online.de/media/dskb/2024-05-15_DSK-Beschluss_Genetische-Daten.pdf)

      7. Poland: UODO solicited public opinions on guidelines for employment data processing and responding to personal data breaches.

        Source: UODO(https://uodo.gov.pl/pl/138/3098)

      8. Uruguay: URCDP issued a data protection guide for SMEs

        Source: URCDP(https://www.gub.uy/unidad-reguladora-control-datos-personales/comunicacion/noticias/nueva-guia-proteccion-datos-personales-para-empresas)

      9. New Zealand: Parliament proposed the Consumer and Product Data Bill

        Source: New Zealand's parliament(https://bills.parliament.nz/v/6/770a5f4e-2185-4f1f-1395-08dc75512299?Tab=history)

      10. Japan: PPC conducted a data security survey for SMEs

        Source: PPC(https://www.ppc.go.jp/files/pdf/R6_chuushou_anzenkanri_survey.pdf)

      11. Korea

        1. PIPC issued two draft guidelines on automated decision-making

          Source: PIPC(https://www.pipc.go.kr/np/cop/bbs/selectBoardArticle.do?bbsId=BS074&mCode=C020010000&nttId=10174#LINK)

        2. PIPC announced the results of the first year of its youth personal information deletion project

          Source: PIPC(https://www.pipc.go.kr/np/cop/bbs/selectBoardArticle.do?bbsId=BS074&mCode=C020010000&nttId=10178#LINK)


      Note

      本文由AIGC翻译,仅供参考。

      Translated by AIGC service. For reference only.


      本期编辑:陈瑊 陈煜烺 陈瑞庭 林婉琪

      Python社区是高质量的Python/Django开发社区
      本文地址:http://www.python88.com/topic/170589
      Reply
       
      200 次点击  
      登录后回复
      关于   移动版
      Py学习 - 专注于Python技术发展的社区(原Django社区)
      沪ICP备11025650号