Submission of Comments to TC260 on Secure & Controllable Standards
2016-12-20 | Beijing, Shanghai
The European Chamber submitted collated comments to the National Information Security Standardisation Technical Committee (TC260) on the following draft standards: Information security technology – Security controllable level evaluation index of information technology products – Part 2: CPU, Information security technology – Security controllable level evaluation index of information technology products – Part 3: Operating System, and Information security technology – Security controllable level evaluation index of information technology products – Part 4: Office Suite.
In the comments, the European Chamber called for:
- Further clarification as to whether these recommended standards will become de facto mandatory requirements for SOEs / CII operators in the future, and whether there will be more such standards covering additional product categories
- The removal of the source code disclosure requirements
- Greater flexibility and the removal of the data localisation requirements
- Further clarification as to the national crypto regulatory requirements