Eight departments issue "Guidelines for the Secure Export of Automotive Data."

The Ministry of Industry and Information Technology and seven other departments have issued a notice on the publication of the "Guidelines for Automotive Data Export Security." It is pointed out that automotive data handlers should declare data export security assessments through domestic legal entities. For domestic entities without legal entities, declarations should be made by domestic branches. If multiple domestic subsidiaries belong to the same group company and have similar data export business scenarios, the group company can be the reporting entity for consolidated reporting. It is not allowed to split data quantities in order to provide data that should undergo security assessments to overseas parties through standard contracts or other means. Automotive data handlers should conduct self-assessments of data export risks in accordance with the "Regulations on Data Export Security Assessment Measures", "Promotion and Regulation of Cross-border Data Flow Regulations", and "Guidelines for Data Export Security Assessment Declarations", and rectify any risk issues, and submit reporting materials to the Cyberspace Administration. Automotive data handlers can engage in data export activities once they have successfully completed the data export security assessment; if there are circumstances affecting the security of exported data, they should re-declare and reassess.