Skip to main content

On-demand webinar coming soon...

Blog

China’s TC260 releases AI safety governance framework

The framework aims to promote responsible AI innovation through a set of requirements to manage the impact of AI systems 

Robb Taylor-Hiscock
Privacy Content Lead, OneTrust, CIPP/E, CIPM
September 13, 2024

Aerial overhead photo of a raised crosswalk with people moving across it.

China’s ongoing efforts to regulate artificial intelligence (AI) have taken a significant step forward with the release of a new AI safety governance framework by the National Information Security Standardization Technical Committee (TC260). As AI systems become more integral to society, this framework sets out a strategic approach for enhancing safety and ensuring that AI technologies are both responsible and ethical. Released on September 9, 2024, this governance framework provides essential guidance for businesses, developers, and regulators involved in AI deployment and management.

 

What is the AI safety governance framework released by the TC260?

TC260’s AI safety governance framework outlines a comprehensive set of principles, regulations, and best practices designed to guide the development, deployment, and oversight of AI technologies. It is part of China’s broader initiative to promote responsible AI innovation while safeguarding national security, public welfare, and data privacy.

The framework addresses the potential risks associated with the unchecked proliferation of AI systems, ranging from unintended biases and data breaches to the broader societal impacts of AI decision-making. By focusing on transparency, accountability, and security, TC260 aims to strike a balance between AI innovation and safety. In particular, the framework emphasizes the importance of governance structures that can anticipate and mitigate potential harms while ensuring AI systems operate within ethical boundaries. This proactive approach aligns with international efforts to establish AI safety regulations, though it remains uniquely tailored to China’s regulatory landscape and priorities.

 

What are the key areas of the framework organizations need to consider?

There are several critical components in the TC260 AI safety governance framework that organizations will need to take into account. 

 

Risk management and transparency 

The framework stresses the need for robust risk management practices, requiring organizations to conduct thorough impact assessments of AI systems before, during, and after deployment. This includes identifying potential biases, ensuring data integrity, establishing security mechanisms, and continuously monitoring AI outcomes. The principle of transparency also plays a central role, with organizations expected to document their AI models, data sources, and decision-making processes to ensure they can be audited. 

 

Ethical responsibilities

Organizations are encouraged to implement AI systems that prioritize public welfare and minimize harm. AI developers are urged to account for the societal and individual impacts of their technologies, with specific attention paid to vulnerable groups. The framework also calls for systems that prevent discrimination, protect privacy, and foster inclusivity.

 

Accountability mechanisms

Organizations are expected to create clear accountability structures to address any unintended consequences stemming from AI systems. This includes establishing protocols for incident reporting and rectification, as well as creating channels for external oversight where necessary. Accountability also extends to ensuring that AI systems are explainable, meaning that decision-making processes should be understandable to stakeholders, particularly in high-stakes scenarios.

 

Cross-border data, security, and privacy considerations

Given the global nature of AI, the framework highlights the importance of safeguarding data across borders. It emphasizes compliance with China’s stringent data security and privacy laws, such as the Data Security Law and Personal Information Protection Law. Organizations operating in China or handling Chinese data must prioritize cross-border data flow protocols to align with these legal frameworks, which are designed to protect national security and citizens’ rights. Applicable security rules on processing personal information should be respected from data collection to data deletion to ensure the user's rights to control, to be informed, and to choose.

 

What are the next steps for the framework and what should organizations do to prepare?

With the framework now in place, organizations can take several steps to align with it and stay prepared for potential regulatory changes.

Begin by establishing dedicated AI governance teams responsible for overseeing compliance with the TC260 framework. These teams should be cross-functional, involving legal, technical, privacy, and operational experts to ensure that all facets of AI safety and governance are covered.

To ensure widespread understanding of the framework's requirements, companies should invest in training programs aimed at informing employees about AI safety, ethics, and governance principles. This will help foster a culture of responsibility and equip employees with the tools to navigate a complex regulatory environment.

Perform detailed audits of current AI systems to ensure they meet the transparency, ethical, and accountability standards outlined in the framework. Where necessary, AI models should be updated to address any shortcomings or risks identified during these audits.

By aligning operations with this framework, organizations reduce the risk of regulatory penalties and can position themselves as leaders in responsible AI innovation. Proactive adherence to these guidelines will be essential for maintaining both compliance and competitive advantage.

 

How OneTrust helps

OneTrust offers Data & AI Governance solutions to help future-proof your business, navigate an evolving regulatory landscape, and manage your AI footprint. Map and visualize your AI use across your organization, to help ensure transparency, accountability, and compliance are considered at every step

By leveraging OneTrust’s Data & AI Governance solution, you can build trust with stakeholders, reduce regulatory risks, and align AI initiatives with your organization’s ethical standards. Request a demo and take the step toward responsible AI management. 


You may also like

Webinar

AI Governance

California's approach to AI: Unpacking new legislation

This webinar unpacks California’s approach to AI and emerging legislations, including legislation on defining AI, AI transparency disclosures, the use of deepfakes, generative AI, and AI models.

October 15, 2024

Learn more

eBook

AI Governance

Securing reliable AI solutions: Strategies for trustworthy procurement

Download this eBook to explore strategies for trustworthy AI procurement and learn how to evaluate vendors, manage risks, and ensure transparency in AI adoption.

September 12, 2024

Learn more

Webinar

AI Governance

Ensuring compliance and operational readiness under the EU AI Act

Join our webinar and learn about the EU AI Act's enforcement requirements and practical strategies for achieving compliance and operational readiness.

August 22, 2024

Learn more

Video

AI Governance

OneTrust AI Governance demo video

Learn how OneTrust AI Governance acts as a unified program center for AI initiatives so you can build and scale your AI governance program

August 13, 2024

Learn more

Webinar

Responsible AI

Privacy and AI: Bridging the divide

Watch this webinar for insights on ensuring responsible data use while building effective AI and privacy programs.

July 31, 2024

Learn more

Webinar

AI Governance

AI governance masterclass miniseries: EU AI Act

Discover the EU AI Act's impact on your business with our video series on its scope, roles, and assessments for responsible AI governance and innovation.

July 31, 2024

Learn more

Resource Kit

Responsible AI

EU AI Act compliance resource kit

Download this resource kit to help you understand, navigate, and ensure compliance with the EU AI Act.

July 22, 2024

Learn more

Webinar

AI Governance

From build to buy: Exploring common approaches to governing AI

In this webinar, we'll navigate the intricate landscape of AI Governance, offering guidance for organizations whether they're developing proprietary AI systems or procuring third-party solutions.

July 10, 2024

Learn more

eBook

AI Governance

Navigating the ISO 42001 framework

Discover the ISO 42001 framework for ethical AI use, risk management, transparency, and continuous improvement. Download our guide for practical implementation steps.

July 03, 2024

Learn more

Webinar

AI Governance

AI Governance Leadership Webinar: Best Practices from IAPP AIGG with KPMG

Join out webinar to hear about the challenges and solutions in AI governance as discussed at the IAPP conference, featuring insights and learnings from our industry thought leadership panel.

June 18, 2024

Learn more

Webinar

AI Governance

Colorado's Bill on AI: Protecting consumers in interactions with AI systems

Colorado has passed landmark legislation regulating the use of Artificial Intelligence (AI) Systems. In this webinar, our panel of experts will review best practices and practical recommendations for compliance with the new law.

June 11, 2024

Learn more

Webinar

AI Governance

Governing data for AI

In this webinar, we’ll break down the AI development lifecycle and the key considerations for teams innovating with AI and ML technologies.

June 04, 2024

Learn more

Report

AI Governance

Global AI Governance law and policy: Jurisdiction overviews

In this 5-part regulatory article series, OneTrust sponsored the IAPP to uncover the legal frameworks, policies, and historical context pertinent to AI governance across five jurisdictions: Singapore, Canada, the U.K., the U.S., and the EU.

May 08, 2024

Learn more

Webinar

AI Governance

Embedding trust by design across the AI lifecycle

In this webinar, we’ll look at the AI development lifecycle and key considerations for governing each phase.

May 07, 2024

Learn more

Webinar

AI Governance

Navigating AI policy in the US: Insights on the OMB Announcement

This webinar will provide insights for navigating the pivotal intersection of the newly announced OMB Policy and the broader regulatory landscape shaping AI governance in the United States. Join us as we unpack the implications of this landmark policy on federal agencies and its ripple effects across the AI ecosystem.

April 18, 2024

Learn more

Webinar

AI Governance

Data privacy in the age of AI

In this webinar, we’ll discuss the evolution of privacy and data protection for AI technologies.

April 17, 2024

Learn more

Resource Kit

AI Governance

OneTrust's journey to AI governance resource toolkit

What actually goes into setting up an AI governance program? Download this resource kit to learn how OneTrust is approaching our own AI governance, and our experience may help shape yours.

April 11, 2024

Learn more

White Paper

AI Governance

Getting started with AI governance: Practical steps and strategies

Download this white paper to explore key drivers of AI and the challenges organizations face in navigating them, ultimately providing practical steps and strategies for setting up your AI governance program.

March 08, 2024

Learn more

Webinar

AI Governance

AI regulations in North America

In this webinar, we’ll discuss key updates and drivers for AI policy in the US; examining actions being taken by the White House, FTC, NIST, and the individual states. 

March 05, 2024

Learn more

In-Person Event

Responsible AI

Data Dialogues: Implementing Responsible AI

Learn how privacy, GRC, and data professionals can assess AI risk, ensure transparency, and enhance explainability in the deployment of AI and ML technologies.

February 23, 2024

Learn more

Webinar

AI Governance

Global trends shaping the AI landscape: What to expect

In this webinar, OneTrust DataGuidance and experts will examine global developments related to AI, highlighting key regulatory trends and themes that can be expected in 2024.

February 13, 2024

Learn more

Webinar

AI Governance

The EU AI Act

In this webinar, we’ll break down the four levels of AI risk under the AI Act, discuss legal requirements for deployers and providers of AI systems, and so much more.

February 06, 2024

Learn more

Webinar

Responsible AI

Preparing for the EU AI Act: Part 2

Join Sidley and OneTrust DataGuidance for a reactionary webinar to unpack the recently published, near-final text of the EU AI Act.

February 05, 2024

Learn more

Webinar

Privacy Management

Data Privacy Day 2024: Reflecting on the past year and anticipating the next

Join our panel of expert privacy professionals as they dissect the key happenings in 2023 and how privacy professionals can approach what may occur in 2024.

January 31, 2024

Learn more

Webinar

AI Governance

Getting started with AI Governance

In this webinar we’ll look at the AI Governance landscape, key trends and challenges, and preview topics we’ll dive into throughout this masterclass.

January 16, 2024

Learn more

Webinar

AI Governance

First Annual Generative AI Survey: Business Rewards vs. Security Risks Panel Discussion

OneTrust sponsored the first annual Generative AI survey, published by ISMG, and this webinar breaks down the key findings of the survey’s results.

January 12, 2024

Learn more

Report

AI Governance

ISMG's First annual generative AI study - Business rewards vs. security risks: Research report

OneTrust sponsored the first annual ISMG generative AI survey: Business rewards vs. security risks.

January 04, 2024

Learn more

Webinar

AI Governance

Building your AI inventory: Strategies for evolving privacy and risk management programs

In this webinar, we’ll talk about setting up an AI registry, assessing AI systems and their components for risk, and unpack strategies to avoid the pitfalls of repurposing records of processing to manage AI systems and address their unique risks. 

December 19, 2023

Learn more

Infographic

Responsible AI

EU AIA Conformity Assessment: A step-by-step guide

A Conformity Assessment is the process of verifying and/or demonstrating that a “high- risk AI system” complies with the requirements of the EU AI Act. Download the infographic for a step-by-step guide to perform one.

November 17, 2023

Learn more

eBook

AI Governance

Navigating the EU AI Act

With the use of AI proliferating at an exponential rate, the EU rolled out a comprehensive, industry-agnostic regulation that looks to minimize AI’s risk while maximizing its potential. 

November 17, 2023

Learn more

Webinar

Responsible AI

OneTrust AI Governance: Championing responsible AI adoption begins here

Join this webinar demonstrating how OneTrust AI Governance can equip your organization to manage AI systems and mitigate risk to demonstrate trust.

November 14, 2023

Learn more

White Paper

AI Governance

AI playbook: An actionable guide

What are your obligations as a business when it comes to AI? Are you using it responsibly? Learn more about how to go about establishing an AI governance team. 

October 31, 2023

Learn more

Webinar

The Shifting US Privacy Landscape: Lessons learned from enforcement actions and emerging trends

Stay ahead of US privacy laws as we explore the lessons learned from CCPA and FTC enforcement and how AI is effecting the regulatory landscape.

October 12, 2023

Learn more

Infographic

AI Governance

The Road to AI Governance: How to get started

AI Governance is a huge initiative to get started with for your organization. From data mapping your AI inventory to revising assessments of AI systems, put your team in a position to ensure responsible AI use across all departments.

October 06, 2023

Learn more

White Paper

AI Governance

How to develop an AI governance program

Download this white paper to learn how your organization can develop an AI governance team to carry out responsible AI use in all use cases.

October 06, 2023

Learn more

eBook

Responsible AI

AI Chatbots: Your questions answered

We answer your questions about AI and chatbot privacy concerns and how it is changing the global regulatory landscape.

August 08, 2023

Learn more

Webinar

Responsible AI

Unpacking the EU AI Act and its impact on the UK

Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.

July 12, 2023

Learn more

Webinar

AI Governance

The EU's AI Act and developing an AI compliance program

Join Sidley and OneTrust DataGuidence as we discuss the proposed EU AI Act, the systems and organizations that it covers, and how to stay ahead of upcoming AI regulations.

May 30, 2023

Learn more

White Paper

AI Governance

Data protection and fairness in AI-driven automated data processing applications: A regulatory overview

With AI systems impacting our lives more than ever before, it's crucial that businesses understand their legal obligations and responsible AI practices.  

May 15, 2023

Learn more

Webinar

AI Governance

AI regulation in the UK – The current state of play

Join OneTrust and their panel of experts as they explore Artificial Intelligence regulation within the UK, sharing invaluable insights into where we are and what’s to come.

March 20, 2023

Learn more

Regulation Book

AI Governance

AI Governance: A consolidated reference

Download this reference book and have foundational AI governance documents at your fingertips as you position your organization to meet emerging AI regulations and guidelines.

Learn more

Webinar

AI Governance

AI governance masterclass

Navigate global AI regulations and identify strategic steps to operationalize compliance with the AI governance masterclass series.

Learn more

AI Governance Demo: Tooling and Considerations to Champion and Implement an AI Governance Program Webinar | Resources | OneTrust

Learn more