The Cyberspace Administration of China on Sunday issued a set of draft management regulations on protecting internet data security to solicit opinion from the public.
According to the regulations, the country shall establish a category- and class-based data protection system.
The data will be classified as common, important, and core on account of its importance to national security, public interests, as well as the legitimate rights and interests of relevant individuals or organizations, said the draft regulations.
Different protection measures based on the classifications will be imposed.
Data processing entities should set up emergency response mechanisms to limit the damage caused by potential data security incidents, the draft document said.
Particularly, the document banned taking biometric data, such as face, fingerprint and iris, as an exclusive method for personal identification, in an effort to curb coercive collection of personal biometric information.
Data processing entities shall not refuse to provide services or hinder normal services to users on the ground of being rejected when collecting personal information that is unnecessary for related services, according to the draft.