In a significant move to bolster personal information security, Chinese authorities have unveiled draft regulations targeting large online platforms. Released jointly by the Cyberspace Administration of China (CAC) and the Ministry of Public Security, the proposal seeks public feedback until December 22, 2025. The draft emphasizes the domestic storage of personal data collected within China, with stringent requirements for any cross-border data transfers. Platforms must adhere to national security standards and implement robust technical and managerial safeguards to prevent unauthorized data exports. Additionally, the regulations mandate that online service providers offer users accessible methods to manage their personal information, including options to access, correct, supplement, delete, or transfer their data. In cases of severe data breaches or repeated violations, platforms may face compliance audits and risk assessments conducted by third-party experts. The draft also promotes the use of advanced technologies such as national network identity authentication and data labeling to enhance data protection. Public consultation is actively encouraged, with authorities committed to responding to complaints within 15 working days. This initiative underscores China’s commitment to safeguarding individual privacy while fostering the sustainable growth of the platform economy.