Contemporary IT standards in China

According to the Standardisation Administration of China (SAC), depending on the keywords used during a cursory search of standardisation on the Internet there are approximately 152 to 727 current national standards that are related to information technology (IT). While it is not possible to cover all of them in this article, Chris Yau from SGS-CSTC Technical Services Co, Ltd discusses six areas of industry importance: cloud computing, big data, smart cities, blockchain technology and the IOT (Internet of things).

Cloud computing

A cloud computing centre in Fuzhou City, Fujian Province, which supports healthcare, land resources and security industries for Southeast China.

Led by three giant cloud operators in China—the so-called ‘BAT’ (Baidu, Alibaba and Tencent)—China’s cloud computing environment is comparable to the world leaders such as Amazon’s AWS and Microsoft’s Azure. Due to cloud architecture’s cybersecurity and data privacy vulnerabilities, China has gone on to promulgate a litany of standards in cloud computing. Many of these standards are similar in content and coverage to well-known international cloud standards, including the National Institute of Standards and Technology’s SP800 series; the Cloud Security Alliance’s Security, Trust, & Assurance Registry; and the EuroCloud Start Audit.

Big data

Although the term ‘big data’ has been around for some time to describe voluminous amounts of data analysis, this practice is still in its infant stage when it comes to scope and development.

Smart City

Smart cities are not typically considered a form of IT, but they generally require IT in order to function. The existing standards that govern smart cities focus on the fundamentals, such as the city’s governing framework or their key performance indicators. A central standard in China for open data sharing and communication is in high demand but does not yet exist. This is in contrast to the ISO, which has one standard on data interoperability and one on data sharing.

Blockchain

Due to the amount of criminal fraud pertaining to the use of cryptocurrency and initial coin offerings (ICOs), the Chinese Government has suppressed the development of cryptocurrency. However, blockchain is an interesting technology worth exploring and could have many useful applications. As a result, many ISO standards are being developed to help define the scope of blockchain technology and clarify its application. Despite these recent developments internationally, China has yet to make any progress in this area.

IOT

With China having the world’s largest mobile device user base and mobile phone penetration rate, along with the popularity of mobile payment applications, such as WeChat and Alipay, it is natural to assume that IOT standards will be needed for these new technologies, including standards for the applications’ interfaces and for home appliances, smart watches and voice-activated appliance controllers. An example of this complexity can be found in Hangzhou, with a company that solely focuses on designing control modules for devices that range from light bulbs to windows drapes. All of these devices need to work together, and to make that happen a high degree of standardisation is needed. However, despite this technology rapidly advancing, Chinese and ISO standards on IOT are continuing to develop.

Personal data privacy

Personal data privacy is a new concept in China. China does not have a national-level data privacy law like the European Union’s General Data Protection Regulation. The Cybersecurity Law has some personal data privacy provisions, but they are generic and lack the same specificity that exists in overseas privacy laws. There is currently one law that may come close to tackling these issues, however it is currently in the drafting phase and there is no timeline for its publication. The flagship standard GB/T 35273 contains a number of privacy-related requirements, such as explicit opt-in, consent and data minimisation. However, since it is a recommended instead of mandatory standard, its wide-adoption has yet to be seen.

Table 1 – A comparison of standards published by the SAC and the ISO. [1]

Observations

The number of standards published in China clearly reflect its focus on market demand, becoming the primary reason for standardisation. For areas that China is strong in, they have made some strides in standardisation that the international community has not yet embraced.

Besides the above six areas, there are standards that define product specifications and functionalities (e.g. GB/T 20011 for router risk assessment) and are translations of international standards. In terms of technical soundness and coverage, China’s existing standards are world class. On the other hand, because some standards are initiated and drafted by senior engineers in private organisations occasionally they are not rigorous enough.

SGS is the world’s leading inspection, verification, testing and certification company. With more than 95,000 employees, SGS operates a network of over 2,400 offices and laboratories around the world. The SGS Group was recently included on the list of Forbes’ Global 2000 as one of the top multinational performers and world’s most innovative companies. Additionally, the company has been named an industry leader on the Dow Jones Sustainability Index as well as the FTSE4Good Index.

[1] All the numbers are taken from the SAC and the ISO websites on 23^rd August 2018.