There are various certifications in China for protecting personal data in apps. The most important is the App Security Certification of the China Cybersecurity Review Technology and Certification Center (CCRC). It applies to apps of all service types, for example, apps developed and used in the smart home sector.
However, there is one important requirement for applying for the certification: a security test must be conducted before the application. If the app operator conducts the security test itself, the CCRC will control the method, process and results of the test. If the app operator engages a CCRC-approved third-party testing organization to conduct the security test, the CCRC will directly adopt their test report.
From our experience, we know that the requirements of the CCRC’s app security certification are relatively strict at present, so the value of this certification is also high. Because awareness of personal data protection is increasing in China, the CCRC’s voluntary app security certification will become the definitive proof of app operators’ compliance with data protection regulations. Certified apps will enjoy a significant competitive advantage among users, and search engines and app stores will give priority to recommending certified apps.