DCC
Data Compliance China
Search · ⌘K
DCC · DATA COMPLIANCE CHINA China data law, for overseas counsel.
§ GLOSSARY

The terminology.

361 terms across 12 categories. The canonical translation table DCC uses for every brief — the long-term moat of this publication.

361 terms
§ 01

Data Types .

数据类型

中文 English
数据 data
原始数据 raw data / primary data NDA Common Data Terms Batch 1 (2024) uses "primary data"
衍生数据 derived data
网络数据 network data introduced as a defined term by the Network Data Security Regulation
训练数据 training data GenAI Measures Art 7
数据资源 data resources Gov Data Sharing Regulations usage
数据产品和服务 data products and services NDA Common Data Terms Batch 1 § 5
元数据 metadata
结构化数据 structured data
半结构化数据 semi-structured data
非结构化数据 unstructured data
个人信息 personal information
敏感个人信息 sensitive personal information
儿童个人信息 personal information of children
未成年人个人信息 personal information of minors
生物识别信息 biometric information
人脸信息 facial information SPC FRT Interpretation core term
重要数据 important data
核心数据 core data
国家核心数据 national core data
一般数据 general data
公共数据 public data
政务数据 government data
企业数据 enterprise data
数据资产 data assets
数据要素 data elements
重要数据目录 catalogue of important data
§ 02

Data Processing & Compliance Management .

数据处理与合规管理

中文 English
处理 processing
数据处理 data processing / data handling NDA Batch 1 uses "data handling" (collect / store / use / process / transmit / provide / publish)
数据处理活动 data processing activities
数据处理者 data processor / data handler DSL term (generic) — "data handler" in CAC and NDA translations
网络数据处理者 network data handler Network Data Security Regulation term
个人信息处理者 personal information handler PIPL Article 73 — DO NOT render as "data controller"
个人 the individual / the individual concerned PIPL's preferred rights-holder term, not "personal information subject"
受托处理者 entrusted processor
受托数据处理者 commissioned data handler / trustee data processor NDA Batch 1 § 10 uses "commissioned data handler"
数据治理 data governance
数据流通 data circulation / data flow NDA Batch 1 § 11 uses "data circulation"; "data flow" common in cross-border context (not GDPR-style "data flow")
委托处理 entrusted processing
共同处理 joint processing
公开披露 public disclosure
转让 transfer
共享 sharing
个人信息主体 personal information subject Pre-PIPL standard term; PIPL itself uses "个人" (individual)
数据主体 data subject GDPR vocabulary; preserve if the source author chose it, do not back-fit onto PIPL
单独同意 separate consent
明示同意 explicit consent
一揽子同意 bundled consent SPC FRT Interpretation Art 4 — invalid consent pattern
告知 notice
知情同意 informed consent
实名核验 real-name verification Deep Synthesis / GenAI / Algo Rec triple requirement
真实身份信息 real identity information
个人信息保护影响评估 Personal Information Protection Impact Assessment (PIPIA) PIPL Arts 55–56 render verbally as "impact assessment on personal information protection"
风险评估 risk assessment
数据安全风险评估 data security risk assessment
自评估 self-assessment term used across CBDT pathways
安全事件 security incident
个人信息安全事件 personal information security incident
网络安全事件 cybersecurity incident
数据安全事件 data security incident
应急预案 emergency response plan
应急响应 emergency response
自动化决策 automated decision-making
用户画像 user profiling
精准营销 targeted marketing
去标识化 de-identification
匿名化 anonymization
最小必要 minimum necessary
合法、正当、必要 lawful, legitimate, and necessary
数据治理 data governance
数据安全 data security
数据分类分级 data classification and grading also rendered "classified and hierarchical protection of data" in regulations
分类分级保护 classified and hierarchical protection
合规审计 compliance audit
个人信息保护合规审计 personal information protection compliance audit
个人信息保护负责人 person in charge of personal information protection
专门机构 specialized agency third-party PI-audit body under the 2025 Audit Measures
专门安全管理机构 specialized security management body CIIO obligation under CII Regulations Art 14-15
履行个人信息保护职责的部门 authorities performing duties of personal information protection
保护机构 protection authority informal shorthand used in the Audit Measures
保护工作部门 protection authority CII Regulations usage
主管部门 competent authority
监督管理部门 supervisory authority
重要互联网平台服务 important Internet platform services PIPL Art 58 — large-platform obligation trigger
党政机关 Party and government organs
企事业单位 enterprises and public institutions
公共服务 public services
公益事业 public welfare
公开招标 public bidding
邀请招标 invited bidding
数据安全主体责任 primary responsibility for data security
实施方案 implementation plan
行政权力 administrative power
市场支配地位 market dominant position
排除、限制竞争 exclude or restrict competition
网络平台运营者 network platform operator
网络平台 network platform
社会责任报告 social responsibility report
网络产品和服务 network products and services
网络安全服务机构 cybersecurity service agency
安全保密协议 security confidentiality agreement
§ 03

Cross-Border Data Flow .

数据出境

中文 English
数据出境 cross-border data transfer PIPL itself uses the verbal "provide personal information outside the territory of the PRC"
数据跨境流动 cross-border data flows
跨境提供个人信息 cross-border provision of personal information
跨境处理 cross-border processing
境外接收方 overseas recipient
数据出境安全评估 Data Export Security Assessment PIPL renders verbally as "security evaluation organized by the CAC" — 评估 is rendered both as "assessment" and "evaluation"
安全评估 security assessment
出境安全评估 outbound security assessment
评估申报 assessment declaration / declaration for security assessment
评估通过 passing the security assessment
个人信息出境标准合同 Standard Contract for Cross-Border Transfer of Personal Information
个人信息出境标准合同备案 Personal Information Standard Contract Filing
标准合同 Standard Contract
个人信息保护认证 Personal Information Protection Certification
认证 certification CAC Cross-border Provisions sometimes render 认证 as "authentication" — both are in circulation
认证机构 certification body new under the 2026 PI Outbound Certification Measures
认证证书 certification certificate
认证标志 certification mark
备案 filing
负面清单 negative list
白名单 whitelist
数据本地化 data localization
本地存储 local storage
出海 overseas expansion
自由贸易试验区 pilot free trade zone (FTZ) introduced by the 2024 Cross-border Provisions Art 6 negative-list mechanism
自贸区 pilot free trade zone (FTZ)
§ 04

Data Property Rights & Trading .

数据产权与交易

中文 English
数据产权 Data Property Rights
数据产权登记 Data Property Rights Registration
数据持有权 Right to Hold Data
数据使用权 Right to Use Data
数据经营权 Right to Operate Data
数据交易 data trading
交易主体 trading subjects
交易标的 subject matter of transaction
数据交易机构 data trading institution
场内数据交易 on-exchange data trading
数据场内交易 on-exchange data trading NDA Batch 2 § 9 — synonym for 场内数据交易
场外数据交易 off-exchange data trading
数据场外交易 off-exchange data trading NDA Batch 2 § 10 — synonym for 场外数据交易
数据撮合 data matching
数据交易撮合 data trading matching NDA Batch 2 § 11
第三方专业服务机构 third-party professional service institutions
数据第三方专业服务机构 data third-party professional service institution NDA Batch 2 § 12
第三方法律服务机构 third-party legal service institutions
数据要素市场化配置 market-oriented allocation of data elements NDA Batch 1 § 7
公共数据资源 public data resources
授权运营 authorized operation
实施机构 implementing institution
运营机构 operating institution
登记机构 registration institution
登记主体 registrant
登记申请人 registration applicant
登记凭证 registration certificate
赋码 code issuance
数据基础制度 fundamental data system
一体化数据市场 integrated data market
数据要素市场 data factor market
数据流通服务机构 data circulation service institution
隐私计算 privacy computing
政务数据共享 government data sharing
数据描述 data description
数据来源 data source
数据存证 data evidence preservation
数据指纹 data fingerprint
数据水印 data watermark
数据入表 data balance-sheet entry
数据资产化 data assetization
数据资产资本化 data asset capitalization
异议 objection
异议处理 objection handling
初次登记 initial registration
转让登记 transfer registration
变更登记 change registration
续期登记 renewal registration
注销登记 deregistration
续期 renewal
注销 deregistration
权利限制 rights limitation
多源数据 multi-source data
衍生创造 derivative creation
自动化程序 automated procedures
§ 05

Key Laws & Regulations .

法律法规

中文 English
网络安全法 Cybersecurity Law (CSL)
数据安全法 Data Security Law (DSL)
个人信息保护法 Personal Information Protection Law (PIPL)
个保法 Personal Information Protection Law (PIPL)
民法典 Civil Code
反电信网络诈骗法 Anti-Telecom and Online Fraud Law
网络数据安全管理条例 Regulation on Network Data Security Management State Council Decree No. 790 — official rendering uses singular "Regulation"
关键信息基础设施安全保护条例 Security Protection Regulations for Critical Information Infrastructure State Council Decree No. 745
未成年人网络保护条例 Regulations on the Protection of Minors in Cyberspace State Council Decree No. 766
政务数据共享条例 Regulations on the Sharing of Government Data State Council Decree No. 809
数据出境安全评估办法 Measures for the Security Assessment of Data Export CAC Decree No. 11
促进和规范数据跨境流动规定 Provisions on Promoting and Regulating Cross-border Data Flows CAC Decree No. 16 — note "Cross-border" (lowercase b) in official translation
个人信息出境标准合同办法 Measures on the Standard Contract for the Outbound Transfer of Personal Information CAC Decree No. 13, effective 2023-06-01
个人信息出境标准合同备案指南 Guide to the Filing of the Standard Contract for Outbound Transfer of Personal Information CAC procedural guide accompanying SCC Measures
个人信息出境认证办法 Measures for the Certification of the Cross-border Provision of Personal Information CAC + SAMR Order No. 20, effective 2026-01-01
个人信息保护认证实施规则 Implementation Rules for Personal Information Protection Certification
个人信息保护合规审计管理办法 Administrative Measures for Personal Information Protection Compliance Audits CAC Decree No. 18, effective 2025-05-01
个人信息安全规范 Personal Information Security Specification
网络安全审查办法 Cybersecurity Review Measures CAC + 12-agency Decree No. 8
互联网信息服务算法推荐管理规定 Provisions on the Administration of Algorithmic Recommendation Services for Internet Information Services CAC + 3 Decree No. 9
互联网信息服务管理办法 Administrative Measures for Internet Information Services State Council, foundational ICP regulation (2000, revised 2011, 2024)
人工智能拟人化互动服务管理暂行办法 Interim Measures for the Management of AI Anthropomorphic Interaction Services CAC + 4-agency Order No. 21, effective 2026-07-15
生成式人工智能服务管理暂行办法 Interim Measures for the Management of Generative Artificial Intelligence Services CAC + 6 Decree No. 15
互联网信息服务深度合成管理规定 Provisions on the Administration of Deep Synthesis of Internet Information Services CAC + 2 Order No. 12
人工智能生成合成内容标识办法 Measures for the Labeling of AI-Generated and Composed Content CAC + 3 Guo Xin Ban Tong Zi [2025] No. 2
最高人民法院关于审理使用人脸识别技术处理个人信息相关民事案件适用法律若干问题的规定 Provisions of the Supreme People's Court on Several Issues Concerning the Application of Law in the Trial of Civil Cases Involving the Use of Facial Recognition Technology to Process Personal Information
§ 06

Regulators & Authorities .

监管机构

中文 English
国家互联网信息办公室 Cyberspace Administration of China (CAC)
国家网信办 Cyberspace Administration of China (CAC)
网信办 Cyberspace Administration of China (CAC)
中央网信办 Office of the Central Cyberspace Affairs Commission
网络安全审查办公室 Cybersecurity Review Office
国家数据局 National Data Administration (NDA)
国务院 State Council
工信部 Ministry of Industry and Information Technology (MIIT)
公安部 Ministry of Public Security (MPS)
国家安全部 Ministry of State Security (MSS)
国家市场监督管理总局 State Administration for Market Regulation (SAMR)
国家发展和改革委员会 National Development and Reform Commission (NDRC)
发改委 National Development and Reform Commission (NDRC)
教育部 Ministry of Education (MOE)
科学技术部 Ministry of Science and Technology (MOST)
科技部 Ministry of Science and Technology (MOST)
财政部 Ministry of Finance (MOF)
商务部 Ministry of Commerce (MOFCOM)
中国人民银行 People's Bank of China (PBOC)
国家广播电视总局 State Administration of Radio and Television (NRTA)
中国证券监督管理委员会 China Securities Regulatory Commission (CSRC)
证监会 China Securities Regulatory Commission (CSRC)
国家保密局 State Secrecy Administration (SSA)
国家密码管理局 State Cryptography Administration (SCA)
中国信通院 China Academy of Information and Communications Technology (CAICT)
全国信息安全标准化技术委员会 National Information Security Standardization Technical Committee (TC260)
最高人民法院 Supreme People's Court (SPC)
最高人民检察院 Supreme People's Procuratorate (SPP)
人民法院 People's Court
人民检察院 People's Procuratorate
§ 07

Cybersecurity & Critical Information Infrastructure .

中文 English
网络 network
网络运营者 network operator
关键信息基础设施 critical information infrastructure (CII)
关键信息基础设施运营者 critical information infrastructure operator (CIIO)
运营者 operator CII Regulations shorthand
关键信息基础设施认定 identification of critical information infrastructure
关键信息基础设施识别 identification of critical information infrastructure
网络安全等级保护制度 Multi-Level Protection Scheme (MLPS)
等级保护 Multi-Level Protection Scheme (MLPS)
网络安全审查 cybersecurity review
海外上市 overseas listing Cybersecurity Review Measures Art 7 — listing-trigger
供应链安全 supply chain security
网络安全 cybersecurity
网络空间 cyberspace
主权 sovereignty
网络主权 cyber sovereignty
§ 08

AI & Algorithms .

中文 English
人工智能 artificial intelligence (AI)
生成式人工智能 generative artificial intelligence
生成式人工智能服务 generative AI services
生成式人工智能服务提供者 generative AI service provider
深度合成 deep synthesis
深度合成服务 deep synthesis services
深度合成服务提供者 deep synthesis service provider
深度合成技术 deep synthesis technology
算法 algorithm
算法服务 algorithmic services
算法推荐 algorithmic recommendation
算法推荐服务 algorithmic recommendation services
算法推荐服务提供者 algorithmic recommendation service provider
算法备案 algorithm filing
算法安全评估 algorithm security assessment
个性化推荐 personalized recommendation
不合理差别待遇 unreasonable differential treatment Algo Rec Provisions Art 21 — anti-price-discrimination
大数据杀熟 algorithmic price discrimination against existing users informal but ubiquitous Chinese-public term
人工智能生成合成内容 AI-generated and composed content
显式标识 visible label / explicit label Labeling Measures — user-facing
隐式标识 implicit label metadata / watermark
显著标识 prominent label Deep Synthesis Provisions usage
数字水印 digital watermark
内容元数据 content metadata
内容生态治理 content ecosystem governance
人脸识别 facial recognition
人脸识别技术 facial recognition technology
人脸验证 facial verification
§ 09

Enforcement, Procedure & Liability .

执法、程序与责任

中文 English
约谈 regulatory interview (yuetan) PIPL Art 64 renders this simply as "interview" with a legal representative
责令整改 order to rectify
责令改正 order to make corrections
行政处罚 administrative penalty
行政处分 administrative sanction
罚款 fine
没收违法所得 confiscation of illegal gains
通报批评 public criticism
下架 removal from app stores
暂停业务 suspension of business
吊销许可证 revocation of business permit / license
信用档案 credit archives
民事责任 civil liability
刑事责任 criminal liability
公益诉讼 public-interest litigation
侵权 infringement / tort
App违法违规收集使用个人信息 illegal or excessive collection and use of personal information by apps
§ 10

Document Types & Regulatory Format .

文件类型与立法体例

中文 English
法律 law (NPC / NPCSC enactment)
行政法规 administrative regulation (State Council)
部门规章 departmental rule (ministerial)
规范性文件 normative document
国家标准 national standard
推荐性国家标准 recommended national standard (GB/T)
强制性国家标准 mandatory national standard (GB)
司法解释 judicial interpretation
决定 decision (e.g., NPC amendment decision)
通知 notice / circular
指引 guideline
指南 guide / guidelines
主席令 Presidential Decree
国务院令 State Council Decree
暂行办法 interim measures
管理办法 administrative measures
管理规定 administrative provisions
实施细则 implementation rules
实施条例 implementing regulation
征求意见稿 draft for public consultation
修正 amendment
修订 revision
印发 issuance / promulgation
§ 11

Data Economy, Industry & Infrastructure .

数据经济、产业与基础设施

中文 English
数字经济 digital economy
数字技术 digital technology
数字基础设施 digital infrastructure
数字产业化 digital industrialization NDA Batch 1 § 16
产业数字化 industrial digitalization NDA Batch 1 § 17
数字经济高质量发展 high-quality development of the digital economy NDA Batch 1 § 18
数字消费 digital consumption NDA Batch 1 § 19
产业互联网 Industrial Internet NDA Batch 1 § 20
城市全域数字化转型 citywide digital transformation NDA Batch 1 § 21
东数西算工程 East Data and West Computing project NDA Batch 1 § 22
高速数据网 high-speed data network NDA Batch 1 § 23
全国一体化算力网 integrated national computing-power network NDA Batch 1 § 24
数据产业 data industry NDA Batch 2 § 13
数据标注产业 data labeling industry NDA Batch 2 § 14
数字产业集群 digital industry cluster NDA Batch 2 § 15
可信数据空间 trusted data space NDA Batch 2 § 16
数据使用控制 data use control NDA Batch 2 § 17
数据基础设施 data infrastructure NDA Batch 2 § 18
算力 computing power
算力调度 computing-power scheduling NDA Batch 2 § 19
算力池化 computing-power pooling NDA Batch 2 § 20
算力资源池 computing-power resource pool
§ 12

Privacy-Enhancing & Data Engineering Technologies .

隐私计算与数据工程技术

中文 English
隐私保护计算 privacy-protective computation NDA Batch 1 § 35; also "privacy computing" (隐私计算)
安全多方计算 secure multi-party computing NDA Batch 1 § 36
联邦学习 federated learning NDA Batch 1 § 37
可信执行环境 trusted execution environment (TEE) NDA Batch 1 § 38
密态计算 cryptographic computing NDA Batch 1 § 39
区块链 blockchain NDA Batch 1 § 40
智能合约 smart contract
同态加密 homomorphic encryption
混淆电路 confusion circuit / garbled circuit
不经意传输 oblivious transfer / inadvertent transmission
秘密分享 secret sharing
数据分析 data analysis
数据挖掘 data mining
数据可视化 data visualization
数据仓库 data warehouse
数据湖 data lake
湖仓一体 integration of lake and warehouse / data lakehouse
§ SUBSCRIBE

The Monday brief.

One short email every Monday. New briefs on Chinese data-compliance rules from the previous week, with the source law cited.

Opt-in only. Unsubscribe anytime by replying "unsubscribe" to any issue.