China strengthened its data oversight on Friday, issuing a contract that smaller firms will be required to sign if they want to send user information abroad.
In recent years, Beijing has issued new cybersecurity, data, and privacy laws requiring organisations with large user bases to undergo assessments and approvals when handling the massive amounts of data they collect.
The Cyberspace Administration of China (CAC) issued a so-called standard contract on Friday that appears to cover organisations with smaller user bases.
Parties that handle the personal information of up to one million people or have sent the personal information of up to 100,000 individuals overseas since January of last year will be required to sign such contracts beginning June 1, according to the CAC.
They must declare that they conducted assessments prior to sending the information overseas, such as the risk of it being illegally used by overseas recipients, and must file the contract with local CAC departments within 10 days of it taking effect.
The Cyberspace Administration of China is the People's Republic of China's central internet regulator, censor, oversight, and control agency. Under the arrangement of "one institution with two names," it is the external brand name of the Chinese Communist Party's Office of the Central Cyberspace Affairs Commission.
The CAC owns the majority of the China Internet Investment Fund, which has stakes in companies like ByteDance, Weibo Corporation, SenseTime, and Kuaishou.
.jpg "Technology in Cancer Care: A story of evolving paradigms")
.jpg "Bringing Shop Floor to Manufacturer's palm: Smart Factory Solutions for tomorrow")
