Hunton Andrews Kurth writes:
On September 18, 2024, the National Technical Committee 260 on Cybersecurity Standardization Administration of China released the “Cybersecurity Standard Practice Guideline – Sensitive Personal Information Identification Guideline” (the “Guideline”).
Prior to this Guideline, existing laws of China, such as the Personal Information Protection Law and the Information Security Technology – Personal Information Security Specification, provided the definition of sensitive personal information and certain examples. This Guideline seeks to further clarify the scope and provide a more detailed explanation of what sensitive personal information is in China.
Read more at Privacy & Information Security Law Blog.