国家网信办公布《个人信息出境认证办法》

Core Points - The "Personal Information Outbound Certification Measures" has been approved and will take effect on January 1, 2026, aiming to protect personal information rights and regulate outbound certification activities [1][12] - The measures establish a framework for personal information processors to certify their compliance with relevant laws when providing personal information to entities outside China [3][16] Group 1: Legislative Background and Purpose - The measures are designed to enhance the management of cross-border data flow in China, aligning with the "Personal Information Protection Law" and other relevant regulations [3][15] - The introduction of these measures is a response to the rapid development of the global digital economy and the need for secure cross-border data flow [15][20] Group 2: Certification Requirements - Personal information processors must apply for certification through accredited professional certification agencies, which must comply with established norms and rules [6][18] - Certification is mandatory for non-critical information infrastructure operators that provide personal information to foreign entities, with specific thresholds for the number of individuals involved [5][17] Group 3: Obligations of Certification Agencies - Certification agencies are required to report certification information to a national public service platform within five working days of issuing a certificate [9][18] - Agencies must also suspend or revoke certifications if they find discrepancies in the outbound activities of certified processors [7][18] Group 4: Supervision and Compliance - The national market supervision and internet information departments will oversee the certification activities, conducting regular checks and evaluations [10][18] - Any organization or individual can report violations of the measures, which will be addressed according to the relevant laws [16][18]