In a statement issued on Friday, the Shanghai Economic and Information Technology Commission said it will require that entities conducting vehicle testing and demonstrations properly handle the acquisition, processing, application and transmission of data.
The data generated in testing and demonstration activities is also not allowed to be transmitted overseas unless approved by relevant authorities, it said, adding the draft laws are open for public consultation.
Additionally, the entities should take relevant measures to protect data confidentiality, form a personal information protection system and are forbidden to conduct illegal trading, transfer and disclosure of relevant data, it said.
Dozens of automakers, startups and large technology firms in China, ranging from Didi Global Inc to WeRide and internet search leader Baidu Inc, are accelerating work on self-driving vehicle systems, which are widely expected to bring a sea change to the transportation industry.
China is in the process of revamping its policy towards privacy and data security. It is drafting a Personal Information Protection Law and is set to implement in September its Data Security Law, which requires companies that process “critical data” to conduct risk assessments and submit reports.
China’s Ministry of Industry and Information Technology earlier this week issued a draft action plan to develop the country’s cyber-security industry in a bid to better govern data storage, data transfer, and personal data privacy.
Regulators announced a probe into ride-hailing giant Didi in early July, just days after its listing in New York, and subsequently ordered its app to be removed from app stores. They cited “serious violations” of laws and regulations pertaining to the collection of personal information by Didi’s app.