HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189760 (18 Oct 2025)

GB/T 41871-2022 PDF English

US$170.00 · In stock · Download in 9 seconds
GB/T 41871-2022: Information security technology - Security requirements for processing of motor vehicle data
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
Standard IDContents [version]USDSTEP2[PDF] deliveryName of Chinese StandardStatus
GB/T 41871-2022English170 Add to Cart 0-9 seconds. Auto-delivery Information security technology - Security requirements for processing of motor vehicle data Valid

Excerpted PDFs (Download full copy in 9 seconds upon purchase)

PDF Preview: GB/T 41871-2022
      

Similar standards

GB/T 41819   GB 42250   GB/T 41479   GB/T 37027   

GB/T 41871-2022: Information security technology - Security requirements for processing of motor vehicle data


---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT41871-2022
GB NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.030 CCS L 80 Information security technology - Security requirements for processing of motor vehicle data Issued on. OCTOBER 12, 2022 Implemented on. MAY 01, 2023 Issued by. State Administration for Market Regulation; Standardization Administration of the People’s Republic of China.

Table of Contents

Foreword... 3 1 Scope... 4 2 Normative references... 4 3 Terms and definitions... 4 4 General security requirements... 6 5 Off-vehicle data security requirements... 8 6 Cabin data security requirements... 9 7 Management security requirements... 10 8 Special cases... 10

Foreword

This document is drafted in accordance with the rules given in GB/T 1.1-2020, Directives for standardization - Part 1.Rules for the structure and drafting of standardizing documents. Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying patents. This document shall be under the jurisdiction of National Information Security Standardization Technical Committee (SAC/TC 260). Drafting organizations of this document. China Electronics Standardization Institute, National Computer Network Emergency Response Technical Team/Coordination Center of China, Tsinghua University, China Automotive Research Institute Software Evaluation (Tianjin) Co., Ltd., China Intelligent and Connected Vehicles (Beijing) Research Institute Co., Ltd., Third Research Institute of the Ministry of Public Security of PRC, Institute of Automation, Chinese Academy of Sciences, Beijing Institute of Technology, SAIC Motor Corp., Ltd., Voyah Automobile Technology Co., Ltd., NEXTEV CO., LTD., Zhejiang Extremely Krypton Intelligent Technology Co., Suzhou Zhito Technology Co., Ltd., Chongqing Changan Automobile Co., Ltd., Great Wall Motor Company Limited, Weima Automotive Technology Group Co., Ltd., Huawei Technologies Co., Ltd., Beijing Xiaoma Yixing Technology Co., Ltd., China Association of Automobile Manufacturers, Shanghai Motor Vehicle Inspection Certification & Tech Innovation Center Co., Ltd. Chief drafting staffs of this document. Yao Xiangzhen, Hao Chunliang, Luo Yingluo, Shangguan Xiaoli, Zhang Xiao, Li Zheng, Wang Hui, Jin Tao, Hu Ying, Li Haidong, Hou Xintian, Liu Jianxing, Tang Di, Hong Yanqing, Wang Jiao, Liu Hao, Gu Yongmei, Zhu Xuefeng, Zhu Hao, Zhang Kunbo, Wang Bingzheng, Li Chengze, Wu Jiamei, Si Huachao, Na Qi, Wang Lei, Han Zhao, Chen Chong, Wang Yanhua, Guo Jianling, Teng Tianyi, Pan Kai, Zhu Zhonghe, Wang Xiangyang, Yang Dan. Information security technology - Security requirements for processing of motor vehicle data

1 Scope

This document specifies the general security requirements, off-vehicle data security requirements, cabin data security requirements and management security requirements for motor vehicle data processors to collect and transmit motor vehicle data. This document is applicable to motor vehicle data processing activities carried out by motor vehicle data processors, to the design, production, sales, use, operation and maintenance of automobiles, and also to the supervision, management and evaluation of motor vehicle data processing activities by competent regulatory authorities and third-party evaluation agencies.

2 Normative references

The following documents are normatively referenced in this document and are indispensable for its application. For dated references, only the version corresponding to that date is applicable to this document; for undated references, the latest version (including all amendments) is applicable to this document. GB/T 35273, Information security technology - Personal information security specification GB/T 40660, Information security technology - General requirements for biometric information protection

3 Terms and definitions

The following terms and definitions are applicable to this document. 3.1 Motor vehicle data Personal information data and important data involved in the process of motor vehicle design, production, sales, use, operation and maintenance, etc. 3.2 Personal information Various information related to identified or identifiable vehicle owners, drivers, passengers, and people outside the vehicle, which are recorded electronically or otherwise, excluding anonymized information. 3.3 Sensitive personal information Personal information which – once leaked or used illegally – may lead to discrimination against motor vehicle owners, drivers, passengers, people outside the vehicle, or serious harm to personal and property safety. 3.4 Important data Data which – once tampered with, destroyed, leaked, or illegally obtained or used – may endanger national security, public interest, or the legitimate rights and interests of individuals or organizations. 3.5 Motor vehicle data processor Organizations that carry out motor vehicle data processing activities, including motor vehicle manufacturers, parts and software suppliers, dealers, maintenance organizations, and travel service companies.

4 General security requirements

4.1 The processing of personal information by the motor vehicle data processor shall comply with the following requirements. 4.2 The processing of sensitive personal information by the motor vehicle data processor shall comply with the following requirements. 4.3 Continuous collection of sensitive personal information by motor vehicle data processors shall comply with the following notification requirements. 4.4 The processing of biometric feature information such as face, voiceprint or fingerprint by the motor vehicle data processor shall comply with the following requirements. 4.5 The contact person for user rights affairs set up by the motor vehicle data processor in terms of personal information protection shall meet the following requirements. 4.6 For cabin data, location track data, off-vehicle video and off-vehicle image data, as well as personal information involving more than 100 000 personal information subjects, motor vehicle data processor shall store it within the territory of the People’s Republic of China according to law. 4.7 Motor vehicle data processors shall generally perform other processing after completing desensitization processing when processing important data, and shall generally perform other processing after anonymization or de-identification when processing personal information.

5 Off-vehicle data security requirements

The processing of anonymization of off-vehicle data by motor vehicle data processors shall comply with the following requirements.

6 Cabin data security requirements

6.1 Unless voluntarily set by the motor vehicle driver, the motor vehicle shall be set to the state of not collecting cabin data by default, including not turning on the camera, microphone, infrared sensor, fingerprint sensor and other components in the motor vehicle. 6.2 The motor vehicle shall not provide cabin data to the outside of the vehicle, except for the following circumstances. 6.3 Motor vehicle data processors shall provide convenient ways to terminate the collection of cabin data, including physical buttons, voice control, touch buttons, and motor vehicle use-related applications, etc. In the case of ensuring driving safety and personal safety, the driver, after choosing to terminate the collection, shall turn off the components that collect cabin data such as the microphone and camera in the motor vehicle.

7 Management security requirements

7.1 Motor vehicle data processors shall carry out motor vehicle data risk assessments. The assessment content generally includes motor vehicle data identification, data processing activity identification, motor vehicle data security risk identification, risk analysis and evaluation, etc., which can be carried out in the form of self-assessment or third-party assessment. 7.3 Motor vehicle data processors shall establish and improve the emergency response mechanism for security incidents, carry out emergency drills at least once a year, and should support evidence collection analysis after security incidents through mechanisms such as vehicle data storage and vehicle data traceability. 7.4 The motor vehicle data processors shall accept the motor vehicle data security complaints by means of telephone or instant messaging platform, and generally complete the processing within 10 working days after receiving the complaints, and make a complete record of the processing process and processing results.

8 Special cases

Unless necessary, the requirements of this document do not apply to the following data processing activities. ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.


      

Tips & Frequently Asked Questions

Question 1: How long will the true-PDF of English version of GB/T 41871-2022 be delivered?

Answer: The full copy PDF of English version of GB/T 41871-2022 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GB/T 41871-2022_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 41871-2022_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. www.ChineseStandard.us -- GB/T 41871-2022 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

How to buy and download a true PDF of English version of GB/T 41871-2022?

A step-by-step guide to download PDF of GB/T 41871-2022_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GB/T 41871-2022".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice.
See screenshots for above steps: Steps 1~3    Steps 4~6    Step 7    Step 8    Step 9