On December 29, 2017, the Standardization Administration of China, jointly with the PRC General Administration of Quality Supervision, Inspection and Quarantine, issued the Information Security Technology – Personal Information Security Specification, which officially came into effect on May 1, 2018. The Specification has, in very practical terms, become an important point of reference in evaluating the complex overlay of data protection compliance requirements found in the Cyber Security Law, the Law on the Protection of Consumer Rights and Interests, the e-Commerce Law and other enactments and measures.
Fifteen months after forming an Internet of Things working group, on March 2, 2016, the Online Trust Alliance released a final version of its IoT Framework along with a companion Resource Guide that provides explanations and additional resources. The voluntary Framework sets forth thirty suggested guidelines that provide criteria for designing privacy, security, and sustainability into connected devices. The creation of the OTA IoT principles represents a potential starting point for achieving privacy- and security-protective innovation for IoT devices.