Cataloguing of Important Data

July 2022

The term ‘Important Data’ was first mentioned in the China Cybersecurity Law, where it requires that personal information and Important Data gathered or created by critical information infrastructure operators (‘CIIOs’) during operations in the People’s Republic of China (‘PRC’) be stored in the PRC. 

More recently, the different drafts of the regulation entitled Information Security Technology – Identification Guide of Important Data as well as the latest draft entitled Information Security Technology – Identification Rules of Important Data, which was not publicly released, finally define Important Data. The latest draft regulation defines Important Data widely to cover not just government data. 

With the definition of Important Data being wider than government data, the burden on companies is immense. Companies should therefore monitor this and other developments relating to Important Data to update data cataloguing to ensure compliance.