鑽石舞台

The national standard"Information Security Technology Mobile Internet Application (App) Life Cycle Security Management Guide"issued by the National Information Security Standardization Technical Committee has now formed a draft standard for comment.According to the requirements of"the Working Procedures for Making and Amending the Standards of the National Technical Committee for Information Security Standardization", the draft of the standard is now available for public opinions.Standard materials have been published on the BC website: https: / / www.tc260.org.cn/front/bzzqyjList.html?The start=0 & length=10), with comments or suggestions please give feedback to the Secretariat before 24:00,9 April 2022.

全國信息安全標準化技術委員會歸口的國家標準《信息安全技術移動互聯網應用程序（App）生命周期安全管理指南》現已形成標準徵求意見稿。根據《全國信息安全標準化技術委員會標準制修訂工作程序》要求，現將該標準徵求意見稿面向社會公開徵求意見。標準相關材料已發布在信安標委網站（網址：https://www.tc260.org.cn/front/bzzqyjList.html?start=0&length=10），如有意見或建議請於2022年4月9日24:00前反饋秘書處。

Recently, the People's Bank of China, together with the State Administration for Market Regulation, the China Banking and Insurance Regulatory Commission and the China Securities Regulatory Commission, jointly issued"the 14th Five-Year Development Plan for Financial Standardization"(hereinafter referred to as"the Plan")."The Plan"defines the priorities of seven aspects.First, standardization to assist modern financial management.Second, standardization help improve the financial market system.Third, standardization support the innovation of financial products and services.Fourth, standardization leads the construction of the digital ecology of the financial industry.Fifth, deepen financial standardization and opening-up at a high level.Sixth, promote reform and innovation in financial standardization.Seventh,consolidate the foundation for standardized financial development.At the same time,"The Plan"also points out the problems such as systematically improving the standards of financial data elements, strengthening the protection of financial network security standards, and promoting the construction of security and controllable standards of financial informatization.

近日，中國人民銀行會同市場監管總局、銀保監會、證監會聯合印發《金融標準化「十四五」發展規劃》（以下簡稱《規劃》）。《規劃》明確了七個方面的重點。一是標準化輔助現代金融管理。二是標準化助力健全金融市場體系。三是標準化支撐金融產品和服務創新。四是標準化引領金融業數字生態建設。五是深化金融標準化高水平開放。六是推動金融標準化改革創新。七是夯實金融標準化發展基礎。同時《規劃》還指出系統完善金融數據要素標準、強化金融網絡安全標準防護、推進金融業信息化核心技術安全可控標準建設等問題。

On February 7, the Guangdong Provincial Government Service Data Administration issued"the Guangdong Province Public Data Safety Management Measures" (Exposure Draft)(hereinafter referred to as"the Measures")."The Measures"aims to strengthen the management of the public data security of the digital government in Guangdong Province, standardize the public data processing activities, promote the orderly development and utilization of data resources, protect the legitimate rights and interests of individuals and organizations, and safeguard the national sovereignty, security and development interests.According to"theNetwork Security Law of the People's Republic of China","the Data Security Law of the People's Republic of China","the Personal Information Protection Law of the People's Republic of China","the Public Data Management Measures of Guangdong Province"and other relevant laws, regulations, rules, combined with the actual work,"The Measures"led by Guangdong government service administration data drafting.Now publicly solicit opinions from all sectors of society, the period is from February 8 to February 21,2022.

2月7日，廣東省政務服務數據管理局發布《廣東省公共數據安全管理辦法（徵求意見稿）》（以下簡稱《辦法》）。該《辦法》旨在加強廣東省數字政府公共數據安全管理，規範公共數據處理活動，促進數據資源有序開發利用，保護個人及組織的合法權益，維護國家主權、安全和發展利益。根據《中華人民共和國網絡安全法》《中華人民共和國數據安全法》《中華人民共和國個人信息保護法》《廣東省公共數據管理辦法》等相關法律、法規、規章的規定，結合工作實際，該《辦法》由廣東省政務服務數據管理局牽頭起草。現公開徵求社會各界意見，徵求意見期限為2022年2月8日至2月21日。

"The Measures for the Administration of Credit Investigation Business"(hereinafter referred to as"the Measures")came into effect on January 1,2022."The Measures"clarify the principles of the use of data of credit investigation business, including information collection, use norms, supervision and management and other aspects.According to"the Measures", information users should take necessary measures to ensure that the consent of the information subject is obtained when inquiring the personal credit information, and to use the personal credit information according to the agreed purposes.For banking financial institutions, anti-money laundering, credit investigation management, payment and settlement and financial consumer protection are the four major violations.With the strengthening of credit investigation business supervision, all kinds of banks have frequently stepped on the pit here recently.On February 9, the Shanghai Branch of the People's Bank of China announced that a bank was fined 2.3 million yuan to correct within a time limit for violating the relevant management regulations on credit information inquiry.

《徵信業務管理辦法》（以下簡稱《辦法》）已於2022年1月1日起施行，該《辦法》明確了徵信業務使用數據的原則，包含信息採集、使用規範、監督管理等方面內容。《辦法》規定，信息使用者應當採取必要的措施，保障查詢個人信用信息時取得信息主體的同意，並且按照約定用途使用個人信用信息。對銀行業金融機構而言，反洗錢、徵信管理、支付結算和金融消保是四大違規領域。隨着徵信業務監管加強，近期各類銀行頻頻在此踩坑。2月9日，中國人民銀行上海分行公布的行政處罰決定書顯示，某銀行因違反信用信息查詢相關管理規定，被處以罰款人民幣230萬元，限期改正。

On February 10, the Ministry of Industry and Information Technology once again publicly solicited opinions on"the Measures for Data Security Management in the Field of Industry and Information Technology (Trial)",(hereinafter referred to as"the Measures")."The Measures"mainly involve the following aspects: important data and core data collected and generated by data processors in the industrial and information field in the People's Republic of China, Where laws or administrative regulations require domestic storage, It shall be stored in China, It is really necessary to be provided overseas, Data exit safety assessment shall be carried out in accordance with the law and regulations; Support the promotion of data security products and services, To foster data security enterprises, research and service institutions, Developing the data security industry, Improve the data security guarantee capability, Promote the innovative application of data; According to the data being tampered with, destroyed, leaked, or illegally acquired or illegally used, The degree of harm caused to state security, public interests, or the legitimate rights and interests of individuals or organizations, Grading of data in industrial and information fields.

2月10日，工信部再次公開徵求對《工業和信息化領域數據安全管理辦法（試行）》的意見，（以下簡稱《辦法》）。該《辦法》中主要涉及到以下幾方面的內容：工業和信息化領域數據處理者在中華人民共和國境內收集和產生的重要數據和核心數據，法律、行政法規有境內存儲要求的，應當在境內存儲，確需向境外提供的，應當依法依規進行數據出境安全評估；支持推廣數據安全產品和服務，培育數據安全企業、研究和服務機構，發展數據安全產業，提升數據安全保障能力，促進數據的創新應用；根據數據遭到篡改、破壞、泄露或者非法獲取、非法利用，對國家安全、公共利益或者個人、組織合法權益等造成的危害程度，對工業和信息化領域數據分級。

M姐 數據合規評論微信號｜M_DigitalLawandLife