Ministry of Public Security Decree No. 33
Promulgated by the Ministry of Public Security on 30 December 1997
The “Computer Information Network International Interconnection Security Protection Management Rules” were approved by the State Council on 11 December 1997, are hereby promulgated, and take effect on 30 December 1997
Chapter I: General Provisions
Article 1: In order to strengthen the protection of the security of computer information network international interconnection, safeguard public order and social stability, according to the provisions of the “Computer Information System Security Protection Regulations of the People’s Republic of China”, the “Provisional Computer Information Network Management Rules of the People’s Republic of China” and other laws and regulations, these Rules are formulated.
Article 2: These Rules apply to the management of computer information network international interconnection security protection within the borders of the People’s Republic of China
Article 3: The Ministry of Public Security computer management and supervision organs is responsible for management work over computer information network information interconnection security protection. Public security organs’ computer management and supervision organs shall protect the public security of computer information network international interconnections, and safeguard the lawful rights and interests of work units and individuals engaging in international interconnection business, and the public interest.
Article 4: No work unit or individual may use international interconnection to harm national security or divulge State secrets, may not violate the national, social or collective interest or the lawful rights and interests of citizens, and may not engage in unlawful or criminal activities.
Article 5: No work unit or individual may utilize international interconnections to produce, reproduce, consult or disseminate the following information:
(1) inciting resistance, destroying the implementation of the Constitution, laws and administrative regulations;
(2) inciting subversion of State power, toppling the Socialist system;
(3) inciting separatism or destroying national unity;
(4) inciting ethnic hatred, ethnic discrimination or destroying ethnic unity;
(5) concocting or distorting facts, disseminating rumours, disordering social order;
(6) propagating feudal superstition, obscenity, sex, gambling, violence, murder, horror or inciting crime;
(7) brazenly humiliating other persons or concocting facts to slander other persons;
(8) harming the prestige of State organs
(9) other matters violating the Constitution, laws and administrative regulations.
Article 6: No work unit or individual may engage in the following activities endangering computer information network security:
(1) without permission, accessing computer information networks or using computer information network resources;
(2) without permission, conducting deletion, revision or adding to computer information network functions;
(3) without permission, conducting deletion, revision or adding to data stored in, processed or disseminated by computer information networks and application procedures;
(4) wilfully producing or disseminating computer viruses and other destructive processes;
(5) other matters endangering computer information network security.
Article 7: Users’ freedom to communicate and communication secrecy is protected by law. No work unit or individual may violate legal provisions or use international interconnections to violate users’ freedom to communicate and communication secrecy.
Chapter II: The responsibility to protect security
Article 8: Work units and individuals engaging in international interconnection work shall accept security supervision, inspection and guidance from public security organs, truthfully provide information, materials and data documents related to security protection to public security organs, assist with public security organs to investigate and prosecute unlawful and criminal activities of computer information networks through international interconnections.
Article 9: Controlling departments or controlling work units of international entry and exit port channel provision work units, connection work units shall be responsible for security protection management work of international entry and exit port channel and their subordinate interconnection networks according to laws and relevant State regulations.
Article 10: Interconnection work units, access work units and legal persons using computer information network international interconnections and other organizations shall implement the following security protection duties:
(1) being responsible for security protection management work of their networks, establishing and competing security protection management systems;
(2) implementing technological security protection measures, guaranteeing the operational security and information security of their networks;
(3) being responsible for security education and training of their network users;
(4) conducting registration of work units an individual entrusting information dissemination, and conducting examination of the content of the provided information according to Article 5 of these Rules
(5) establishing computer information network electronic announcement system user registration and information management systems;
(6) where discovering one of the circumstances listed in Article 4, Article 5, Article 6 and Article 7 of these Rules, they shall preserve the original relevant records, and report it to the local public security organs within 24 hours;
(7) According to relevant State regulations, deleting addresses and directories containing content as per Article 5 of these Rules or closing servers.
Article 11: Users, when accessing work units to conduct net access formalities, shall fill out a user filing form. The filing form is produced under the supervision of the Ministry of Public Security.
Article 12: Interconnection work units, access work units, legal persons and other organizations (including cross-provincial, autonomous region and municipal interconnection network work units and their subordinate branch organs) using computer information network international interconnections, shall within 30 days of official connection to the network, go to a hearing organ appointed by the provincial, autonomous region or municipal People’s Government public security organ of their locality to carry out filing formalities.
Work units listed in the previous Item shall be responsible for reporting the situation of access work units and users accessing their networks to the public security organs for filing, and timely report changes in the situation of work units and users accessing their network.
Article 13: Those using public or communal access registration shall strengthen management of communal accounts, and establish account use registration systems. User accounts may not be lent or transferred.
Article 14: Work units involved in State affairs, economic construction, national defence construction, scientific and technological frontiers and other important areas, when carrying out filing formalities, shall provide examination and approval certification of their administrative supervision department. The international interconnection of the networks of work units listed in the previous Item, shall adopt corresponding protection measures.
Chapter III: Security supervision
Article 15: Principal, autonomous region and municipal public security offices (bureaus), district (city) and county (city) public opinion bureaus shall have corresponding organs to be responsible for international interconnection security protection management work.
Article 16: Public security organs’ computer management and supervision organs shall grasp the filing situation of interconnection work units, access work units and users, establish filing dossiers, conduct filing statistics, and progressively report this upwards according to relevant State regulations.
Article 17: Public security organs’ computer management and supervision organs shall supervise interconnection work units, access work units and relevant users to establish and complete security protection management systems; supervising and inspecting the network security protection management as well as technology measure implementation situation.
When public security organs’ computer management and supervision organs, when organizing security inspections, related work units shall send people to participate. Public security organ computer management and supervision organs shall put forward opinions for improvement, make detailed records and file them for further reference concerning problems discovered in security inspection.
Article 18: Public security organ computer management and supervision organ discovering addresses, directories or servers containing content listed in Article 5 of these Rules, shall notify the relevant work unit to shut it down or delete it.
Article 19: Public security organ computer supervision and management organs shall be responsible for following, investigating and prosecuting unlawful acts committed through computer information networks and criminal cases related to computer information networks, unlawful and criminal activities violating the provisions of Article 4 and Article 7 of these Rules, shall be transferred to the relevant departments or judicial organs to deal with them according to relevant State regulations.
Chapter IV: Legal responsibility
Article 20: Those violating laws and administrative regulations, with one of the acts listed in Article 5 or Article 6 of these Rules, will be warned by the public security organs, where there is unlawful income, the unlawful income is confiscated, a fine of 5.000 Yuan or less may also be imposed on individuals, and a fine of 50.000 Yuan or less may also be imposed on work units; where circumstances are grave, the punishments of ceasing interconnection for six months or less and shutdown may be imposed, when necessary, it may also be advise that the original permit-issuing or approving organ cancels business permits or cancels interconnection qualification; where it constitutes an act violating public order, it will be punished according to regulations on public order management punishment; where it constitutes a crime, criminal responsibility will be investigated according to the law.
Article 21: Where one of the following acts is present, the public security organ orders rectification within a limited time and issues a warning, where there is unlawful income, the unlawful income is confiscated; where there is no rectification within the provided time limit, the main responsible person and other directly responsible personnel of the work unit may be subject to a fine of 5.000 Yuan or less, and the work unit may be subject to a fine of 50.000 Yuan or less, where circumstances are grave, the punishments of ceasing interconnection for six months or less and shutdown may be imposed, when necessary, it may also be advise that the original permit-issuing or approving organ cancels business permits or cancels interconnection qualification.
(1) not having established security protection management systems;
(2) not having adopted security technology protection measures;
(3) not providing security education and training to network users;
(4) not providing information, materials and data documents needed for security protection measures, or providing untrue content;
(5) not having examined the content of information entrusted for publication or registered the entrusting work unit and individual;
(6) not having established electronic announcement system user registration and information management systems;
(7) not deleting network addresses or directories or shutting down servicers according to relevant State regulations;
(8) not establishing public account use registration systems
(9) Lending or transferring user accounts.
Article 22: Those violating the provisions of Article 4 and Article 7 of these Rules, are punished according to relevant laws and regulations.
Article 23: Those violating the provisions of Article 21 and Article 23 of these Rules, and not implementing filing duties, are punished by the public security organs with a warning or shutting down for rectification for a period not exceeding six months.
Chapter V: Supplementary provisions
Article 24: Security protection management of computer information networks interconnecting with the Hong Kong Special Administrative Region and the Taiwan and Macau regions, are implemented with reference to these Rules.
Article 25: These Rules take effect from the date of promulgation.
第一章 总 则