A few days ago, it was reported in the Chinese press that opinions were solicited concerning the promulgation of cybersecurity legislation. According to these reports, consultation meetings had already been held with large Chinese companies such as Baidu, Alibaba, Tencent, 360 and Huawei, and that public consultation would be imminent. In the mean time, a draft cybersecurity law has been presented to the National People’s Congress Standing Committee at its bimonthly meeting. No text has been released as of yet, but a Xinhua press release summaries the main points of the draft.
Draft Cybersecurity Law: Safeguard Sovereignty in Cyberspace
Xinhua (Journalists Luo Yufan, Chen Fei)
In order to ensure cybersecurity, safeguard sovereignty and national security in cyberspace, stimulate the healthy development of economic and social informatization, the incessant perfection of laws and regulations in the area of cyberspace protection is urgently required. The 5th Meeting of the 12th National People’s Congress Standing Committee has deliberated a draft cybersecurity law on the 24th.
The draft has 18 articles in 7 chapters, and provides a concrete structural design for areas such as guaranteeing the security of network products and services, guaranteeing the security of network operations, guaranteeing the security of network data, and guaranteeing the security of network information.
Cybersovereignty is the reflection and extension of national sovereignty in cyberspace, the principle of cybersovereignty is an important principle of our country that our country upholds in order to safeguard national security and interests, and participate in international network governance and cooperation. To this end, the draft will take “safeguarding sovereignty and national security in cyberspace” as the main purpose of this legislation. At the same time, according to the principle of equally stressing security and development, a special chapter has been instituted to provide regulations for the national cybersecurity strategy and cybersecurity plans in important areas, and supporting measures to stimulate cybersecurity.
In order to ensure the security of crucial information infrastructure and safeguard national security and the people’s livelihoods, the draft provides provisions concerning operational security of crucial information infrastructure, and to carry out focus protection.
In order to safeguard the lawful, orderly and free circulation of online information, and prevent theft, leaks and illegal use of citizens’ personal information, the draft further perfects structures to protect citizens’ personal information on the basis of the National People’s Congress Standing Committee Decision concerning Strengthening the Protection of Online Information, and standardizes online information dissemination activities.
In order to strengthen the construction of cybersecurity monitoring, early warning and emergency response structures, and raise cybersecurity protection capabilities, the draft requires that relevant State Council departments establish and complete cybersecurity monitoring, early warning and information circulation structures, strengthen cybersecurity information collection, analysis and situation report work; establish cybersecurity emergency response work mechanisms and formulate emergency response plans; and regulate the publication of emergency response information and cybersecurity incident emergency response management measures.