Author: chinacopyrightandmedia

A Next Generation Artificial Intelligence Development Plan

Posted on Updated on

This documents was translated jointly by Graham Webster, Paul Triolo, Elsa Kania, and Rogier Creemers. John Costello assisted with helpful comments. An analysis of this document can be found on the New America website.

State Council Notice on the Issuance of the Next Generation Artificial Intelligence Development Plan

Completed: July 8, 2017

Released: July 20, 2017

 

A Next Generation Artificial Intelligence Development Plan

 

The rapid development of artificial intelligence (AI) will profoundly change human society and life and change the world. To seize the major strategic opportunity for the development of AI, to build China’s first-mover advantage in the development of AI, to accelerate the construction of an innovative nation and global power in science and technology, in accordance with the requirements of the CCP Central Committee and the State Council, this plan has been formulated.

I.  The Strategic Situation

Read the rest of this entry »

Critical Information Infrastructure Security Protection Regulations

Posted on Updated on

This document was translated jointly by Graham Webster, Paul Triolo and Rogier Creemers

CAC Notice concerning the Public Solicitation of Opinions on the “Critical Information Infrastructure Security Protection Regulations (Opinion-seeking Draft)”

http://www.cac.gov.cn/2017-07/11/m_1121294220.htm

In order to guarantee the security of critical information infrastructure, based on the “Cybersecurity Law of the People’s Republic of China”, our Administration, jointly with relevant departments, has drafted the “Critical Information Infrastructure Security Protection Regulations (Opinion-seeking Draft)”, which is now made public for open solicitation of opinions. Relevant work units and individuals from all circles may, before 10 August, put forward opinions through the following ways:

1, Sending opinions in a letter form to: Beijing Xicheng Chegongzhuang Avenue 11, CAC Cybersecurity Coordination Bureau, Post Code 100044, and clearly indicate “opinion solicitation” on the envelope

2, Sending an e-mail to: security@cac.gov.cn.

CAC

10 July 2017

Critical Information Infrastructure Security Protection Regulations

(Opinion-seeking draft)

Chapter 1: General principles Read the rest of this entry »

Implementing Rules for the Management of Internet News Information Service Licences

Posted on Updated on

Article 1: In order to further raise the standardization and scientization levels of Internet news information service licence management, and stimulate the healthy and orderly development of Internet news information services, on the basis of the “Administrative Licensing Law of the People’s Republic of China” and the “Internet News Information Service Management Regulations” (hereafter simply named “Regulations”), these Implementing Rules are formulated.

Article 2: These Implementing Rules apply to national and provincial, autonomous region and municipal Internet information offices’ implementation of Internet news information service licensing. Read the rest of this entry »

National Intelligence Law of the People’s Republic of China (Draft)

Posted on Updated on

Chapter I: General Provisions

Article 1: In order to strengthen and guarantee national intelligence work, and safeguard national security and interests, on the basis of the Constitution, this Law is formulated.

Article 2: National intelligence work shall persist in an overall national security view, provide intelligence reference for major national policy decisions, provide intelligence support for preventing and dissolving risks endangering national security, and safeguard the national regime, sovereignty, unity, independence and territorial integrity, the prosperity of the people, economic and social sustainable development and other major national interests. Read the rest of this entry »

Interim Security Review Measures for Network Products and Services

Posted on Updated on

This translation was kindly provided by Paul Triolo

Article 1 These Measures are developed with a view to enhancing the secure and controllable levels of network products and services, guarding against cyber security risks, and safeguarding the national security, and in accordance with the laws and regulations such as National Security Law of the People’s Republic of China and the Cybersecurity Law of the People’s Republic of China.

Article 2 Important network products and services procured for use in networks and information systems that touch on national security are subject to a cybersecurity review.

Article 3 A cybersecurity review shall be conducted for network products and services and their supply chains, in a manner that combines enterprise commitments with public supervision, combines third-party assessments with government continuous regulation, and combines laboratory testing with on-site checks, on-line monitoring and background investigations. Read the rest of this entry »

Internet News Information Service Management Regulations

Posted on Updated on

Chapter I: General Provisions

Article 1: In order to strengthen Internet information content management and stimulate the healthy and orderly development of Internet news information services, on the basis of the “Cybersecurity Law of the People’s Republic of China”, the “Internet Information Service Management Rules”, and the “State Council Notice concerning Authorizing the State Internet Information Office to Take Responsibility of Internet Information Content Management Work”, these Regulations are formulated.

Read the rest of this entry »

Regulations for Internet Content Management Administration Law Enforcement Procedures

Posted on Updated on

This translation was kindly provided by John Costello

State Internet Information Office

Decree No. 2

“Regulations for Internet Content Management Administration Law Enforcement Procedures” approved in a meeting of the State Internet Information Office is hereby announced, to be implemented from June 1, 2017 onward.

Director Xu Lin

May 2, 2017

Regulations for Internet Content Management Administration Law Enforcement Procedures Read the rest of this entry »

Encryption Law of the People’s Republic of China (Opinion-seeking Draft)

Posted on Updated on

This translation was created jointly with Paul Triolo and John Costello

Table of contents

Chapter I: General principles

Chapter II: The use of encryption

Chapter III: Encryption security

Chapter IV: Stimulating the development of encryption

Chapter V: Supervision and management

Chapter VI: Legal liability

Chapter VII: Supplementary provisions

Chapter I: General principles

Read the rest of this entry »

Circular of the State Internet Information Office on the Public Consultation on the Measures for the Assessment of Personal Information and Important Data Exit Security (Draft for Soliciting Opinions)

Posted on Updated on

This translation was kindly provided by Paul Triolo

To safeguard personal information and important data security, to safeguard cyberspace sovereignty and national security, and social and public interests, and promote the orderly free flow of network information according to the law, according to the People’s Republic of China National Security Law, the People’s Republic of China Cybersecurity Law, and other laws and regulations , our office has worked with relevant departments and drafted the “Personal Information and Important Data Outbound Security Assessment Measures (draft)”, is now open to the public for comments.

Relevant units and people of all walks of life may submit their views by May 11, 2017, in the following manner:

First, through a letter to the views sent to: Beijing Dongcheng District Chaoyang Gate Street 225, the State Internet Information Office Cybersecurity Coordination Bureau, Zip code: 100010, and in the envelope marked “comments”.

Second, by e-mail to: security@cac.gov.cn.

State Internet Information Office

April 11, 2017

Annex

Personal Information and Important Data Outbound Security Assessment Measures (draft)

Article 1 These Measures have been drafted in order to protect the security of personal information and important data, safeguard cyberspace sovereignty and national security, and social and public interests, while protecting the legitimate interests of citizens, legal persons and other organizations, in accordance with the People’s Republic of China National Security Law, the People’s Republic of China Cybersecurity Law, and other laws and regulations.

Article 2 The personal information and important data collected and generated by network operators within the People’s Republic of China during operations shall be stored within the [national] territory. If the business requirements make it necessary to provide data outside of China, a security assessment shall be carried out in accordance with these Measures.

Article 3 The security assessment for outbound data shall follow the principle of impartiality, objectivity and validity, protect the security of personal information and important data, and promote the orderly and free flow of network information according to law.

Article 4 Where personal information leaves China’s borders, the purpose, scope, content, recipient and destination country of the data shall be explained to the subject of the personal information and agreed upon. Minors’ personal information is subject to the consent of their guardian.

Article 5 State cybersecurity and informatization departments shall coordinate the outbound data outbound security assessment work and guide the industry regulatory or supervisory departments in organizing the outbound data security assessment.

Article 6 Industry regulatory or supervisory departments shall be responsible for the security assessment of the industry outbound data and shall regularly organize the inspection of the specific industry outbound data.

Article 7 Network operators shall, before data leaves China’s borders, on their own initiative organize the conduct of a security assessment for outbound data and be responsible for the evaluation results.

Article 8 The outbound data security assessment shall focus on the following:

(A) the necessity of outbound data;

(B) the conditions touching on personal information, including the amount, scope, type, and sensitivity, and whether or not the subject of the personal information agrees that his/her personal information can leave China’s borders;

(C) the conditions touching on important data, including the amount, scope, type and sensitivity level of important data;

(D) the security protection measures and capability level of the data receiving party, and the cybersecurity environment in the country and region;

(E) risks such as disclosure, damage, tampering and abuse after the data leaves China’s borders and after re-transfer;

(F) the risks that may be brought to national security, social and public interests, and personal legitimate interests arising from the data leaving China’s borders and outbound data collection;

(G) other important matters that need to be assessed.

Article 9 If outbound data is stored in one of the following circumstances, network operators should report to the industry regulators or supervisory authorities and organize a security assessment:

(A) the [data set] contains or has accumulated personal information of more than 500,000 people;

(B) the amount of data is over 1000 GB;

(C) the data includes sector data on nuclear facilities, chemical and biological facilities, the national defense industry, or population health, large-scale engineering activities, the marine environment, and sensitive geographic information data;

(D) the data includes cybersecurity information including system vulnerabilities and security protection for critical information infrastructure;

(E) personal information and important data provided by critical information infrastructure operators to [parties] outside China;

(F) other data that could affect national security and social and public interests that industry regulators or supervisory departments consider should be assessed.

For areas where the is no clear industry regulator or supervisory department, an assessment shall be organized by national cybersecurity and informatization departments.

Article 10 The security assessment organized by industry regulatory or supervisory departments shall be completed within 60 working days, and feedback on the security assessment shall be provided to the network operator in a timely manner and reported to the national cybersecurity and informatization departments.

Article 11 In any of the following circumstances, data shall not be allowed to leave the country:

(A) personal information leaving China’s borders without the consent of the subject of the personal information, or that may be against the interests of the individual;

(B) there is a risk that the data leaving China’s borders could impact national politics, the economy, S&T, and national defense, and could affect national security and harm social and public interests;

(C) other data that national cybersecurity and informatization departments, public security departments, state security departments, and other relevant departments deem cannot leave China.

Article 12 Network operators should, according to business development and the network operation situation, annually conduct at least once a security assessment of outbound data, ad in a timely manner assess the situation and report to industry regulatory and supervisory departments.

When the data receiver changes, or there is a relatively large change in the destination, scope, quantity, type of data, etc., or a major security incident occurs with the data receiver or outbound data, a new security assessment should be conducted.

Article 13 Any individual or organization shall have the right to report to the relevant cybersecurity and informatization departments, public security department, and other relevant departments any violations of relevant laws and regulations and these Measures in terms of providing data outside of China’s borders.

Article 14 Whoever violates the provisions of these Measures shall be punished in accordance with the relevant laws and regulations.

Article 15 Agreements between the Chinese government and other countries and regions on outbound data shall be carried out in accordance with the provisions of the agreement.

Data involving state secret information shall be handled in accordance with the relevant provisions.

Article 16 Security assessment work for the personal information and important data sent outside China’s borders that was collected and produced by other individuals and organizations within the territory of the People’s Republic of China shall be carried out in accordance with the present Measures.

Article 17 The definitions for the following terms used in the present Measures:

A network operator is the owner of a network, a manager, and a network service provider.

Outbound data refers to personal and important information co9llection and generated by network operators during operations within the territory of the People’s Republic of China, and provided to overseas institutions, organizations, or individuals.

Personal information refers to various types of information recorded by electronic or other means capable of identifying a person’s personal identity alone or in combination with other information, including but not limited to the name of the natural person, date of birth, identity document number, personal biometric information, telephone number and so on. Important data refers to data that is closely related to national security, economic development, and social and public interests, with specific reference to national relevant standards and important data identification guidelines.

Article 18 These Measures shall come into force on the day X of 2017.

Office of the Central Cybersecurity and Informatization Leading Small Group

(Cyberspace Administration of China)

Cybersecurity Coordination Bureau

国家互联网信息办公室关于《个人信息和重要数据出境安全评估办法(征求意见稿)》公开征求意见的通知

为保障个人信息和重要数据安全,维护网络空间主权和国家安全、社会公共利益,促进网络信息依法有序自由流动,依据《中华人民共和国国家安全法》《中华人民共和国网络安全法》等法律法规,我办会同相关部门起草了《个人信息和重要数据出境安全评估办法(征求意见稿)》,现向社会公开征求意见。有关单位和各界人士可以在2017年5月11日前,通过以下方式提出意见:

一、通过信函方式将意见寄至:北京市东城区朝阳门内大街225号国家互联网信息办公室网络安全协调局,邮编:100010,并在信封上注明“征求意见”。

二、通过电子邮件方式发送至:security@cac.gov.cn。

附件:个人信息和重要数据出境安全评估办法(征求意见稿)

国家互联网信息办公室

2017年4月11日

附件

个人信息和重要数据出境安全评估办法

(征求意见稿)

第一条 为保障个人信息和重要数据安全,维护网络空间主权和国家安全、社会公共利益,保护公民、法人和其他组织的合法利益,根据《中华人民共和国国家安全法》《中华人民共和国网络安全法》等法律法规,制定本办法。

第二条 网络运营者在中华人民共和国境内运营中收集和产生的个人信息和重要数据,应当在境内存储。因业务需要,确需向境外提供的,应当按照本办法进行安全评估。

第三条 数据出境安全评估应遵循公正、客观、有效的原则,保障个人信息和重要数据安全,促进网络信息依法有序自由流动。

第四条 个人信息出境,应向个人信息主体说明数据出境的目的、范围、内容、接收方及接收方所在的国家或地区,并经其同意。未成年人个人信息出境须经其监护人同意。

第五条 国家网信部门统筹协调数据出境安全评估工作,指导行业主管或监管部门组织开展数据出境安全评估。

第六条 行业主管或监管部门负责本行业数据出境安全评估工作,定期组织开展本行业数据出境安全检查。

第七条 网络运营者应在数据出境前,自行组织对数据出境进行安全评估,并对评估结果负责。

第八条 数据出境安全评估应重点评估以下内容:

(一)数据出境的必要性;

(二)涉及个人信息情况,包括个人信息的数量、范围、类型、敏感程度,以及个人信息主体是否同意其个人信息出境等;

(三)涉及重要数据情况,包括重要数据的数量、范围、类型及其敏感程度等;

(四)数据接收方的安全保护措施、能力和水平,以及所在国家和地区的网络安全环境等;

(五)数据出境及再转移后被泄露、毁损、篡改、滥用等风险;

(六)数据出境及出境数据汇聚可能对国家安全、社会公共利益、个人合法利益带来的风险;

(七)其他需要评估的重要事项。

第九条 出境数据存在以下情况之一的,网络运营者应报请行业主管或监管部门组织安全评估:

(一)含有或累计含有50万人以上的个人信息;

(二)数据量超过1000GB;

(三)包含核设施、化学生物、国防军工、人口健康等领域数据,大型工程活动、海洋环境以及敏感地理信息数据等;

(四)包含关键信息基础设施的系统漏洞、安全防护等网络安全信息;

(五)关键信息基础设施运营者向境外提供个人信息和重要数据;

(六)其他可能影响国家安全和社会公共利益,行业主管或监管部门认为应该评估。

行业主管或监管部门不明确的,由国家网信部门组织评估。

第十条 行业主管或监管部门组织的安全评估,应当于六十个工作日内完成,及时向网络运营者反馈安全评估情况,并报国家网信部门。

第十一条 存在以下情况之一的,数据不得出境:

(一)个人信息出境未经个人信息主体同意,或可能侵害个人利益;

(二)数据出境给国家政治、经济、科技、国防等安全带来风险,可能影响国家安全、损害社会公共利益;

(三)其他经国家网信部门、公安部门、安全部门等有关部门认定不能出境的。

第十二条 网络运营者应根据业务发展和网络运营情况,每年对数据出境至少进行一次安全评估,及时将评估情况报行业主管或监管部门。

当数据接收方出现变更,数据出境目的、范围、数量、类型等发生较大变化,数据接收方或出境数据发生重大安全事件时,应及时重新进行安全评估。

第十三条 对违反相关法律法规和本办法向境外提供数据的行为,任何个人和组织有权向国家网信部门、公安部门等有关部门举报。

第十四条 违反本办法规定的,依照有关法律法规进行处罚。

第十五条 我国政府与其他国家、地区签署的关于数据出境的协议,按照协议的规定执行。
涉及国家秘密信息的按照相关规定执行。

第十六条 其他个人和组织在中华人民共和国境内收集和产生的个人信息和重要数据出境的安全评估工作参照本办法执行。

第十七条 本办法下列用语的含义:

网络运营者,是指网络的所有者、管理者和网络服务提供者。

数据出境,是指网络运营者将在中华人民共和国境内运营中收集和产生的个人信息和重要数据,提供给位于境外的机构、组织、个人。

个人信息,是指以电子或者其他方式记录的能够单独或者与其他信息结合识别自然人个人身份的各种信息,包括但不限于自然人的姓名、出生日期、身份证件号码、个人生物识别信息、住址、电话号码等。

重要数据,是指与国家安全、经济发展,以及社会公共利益密切相关的数据,具体范围参照国家有关标准和重要数据识别指南。

第十八条 本办法自2017年 月 日起实施。

 International Strategy of Cooperation on Cyberspace

Posted on Updated on

This is the official translation of this text, as published by Xinhua

Contents

Preface

Chapter I. Opportunities and Challenges 

Chapter II. Basic Principles

1.The Principle of Peace

2.The Principle of Sovereignty 

3.The Principle of Shared Governance 

4.The Principle of Shared Benefits 

Chapter III. Strategic Goals

1. Safeguarding Sovereignty and Security

2. Developing A System of International Rules

3. Promoting Fair Internet Governance

4. Protecting Legitimate Rights and Interests of Citizens

5. Promoting Cooperation on Digital Economy 

6. Building Platform for Cyber Culture Exchange

Chapter IV. Plan of Action

1. Peace and Stability in Cyberspace 

2. Rule-based Order in Cyberspace 

3. Partnership in Cyberspace 

4. Reform of Global Internet Governance System 

5. International Cooperation on Cyber Terrorism and Cyber Crimes 

6. Protection of Citizens’ Rights and Interests Including Privacy

7. Digital Economy and Sharing of Digital Dividends 

8. Global Information Infrastructure Development and Protection 

9. Exchange of Cyber Cultures 

Conclusion

Preface

Cyberspace is the common space of activities for mankind. The future of cyberspace should be in the hands of all countries. Countries should step up communications, broaden consensus and deepen cooperation to jointly build a community of shared future in cyberspace. 

—Remarks by H.E. Xi Jinping, President of the People’s Republic of China, 2015/12/16

Read the rest of this entry »

Measures for the Security Review of Internet Products and Services (Opinion-seeking Draft)

Posted on Updated on

This translation was kindly provided by Paul Triolo

The Central Cybersecurity and Informatization Leading Group Office, the Central Internet Security and Informatization Leading Group (CCILSG) Office
The People’s Republic of China State Internet Information Office, The State Internet Information Office 

Notice of the  on Public Consultation on the Measures for the Security Review of Internet Products and Services (Opinion-seeking draft)

In order to improve the security and controllability of network products and services, prevent supply chain security risks, and safeguard national security and the public interest, the CCILSG Office has drafted the Measures for the Security Review of Network Products and Services (draft for soliciting opinions ) “, and it is now open to the public for comments The relevant units and people of all walks of life can make comments according to the following procedure, before March 4, 2017. 

First, send comments by letter to: Beijing Dongcheng District, Chaoyang Gate Street 225 State Internet Information Office Cybersecurity Coordination Bureau, Zip Code: 100010, and mark on the envelope “solicited comments.”

Second, by e-mail sento: zhangheng@cac.gov.cn.

Annex: Measures for Network Products and Services Security Review (draft)

State Internet Information Office

February 4, 2017

Measures 
for Network Products and Services Security Review

(Opinion-seeking Draft)

Article 1: The security and controllability of network products and services directly affect the interests of users and the national security. These Measures are formulated in accordance with the National Security Law of the People’s Republic of China and the Cybersecurity Law of the People’s Republic of China to improve the security and controllability of network products and services, guard against supply chain safety risks, and safeguard national security and the public interest.

Article 2: Important network products and services that are used by the national security and public interest information systems shall undergo a cybersecurity review.

Article 3: A cybersecurity review of network products and services and their providers shall be carried out, insisting on the combination of enterprise commitment and social supervision, combining third-party evaluation and government supervision, combining laboratory testing, on-site inspection, on-line monitoring, and background investigations.

Article 4: The review shall focuon the the security and controllability of network products and services, including:

(1) the risks of illegal control, interference and interruption of the operation of products and services;

(2) risks in the R&D, delivery, and technical support of products and key components;

(3) risks related to product and services providers utilizing the convenience of providing products and services to engage in illegal collection, storage, handling and utilization of user-related information;

(4) products and service providers taking advantage of users’ reliance on products and services, and carrying out unfair competition or harm to the interests of users;

(5) other risks that may endanger national security and the public interest.

Article 5 The State Internet Information Office, in conjunction with relevant departments, shall set up a Cybersecurity Review Committee to review important policies of the cybersecurity review, organize cybersecurity review work, and coordinate the relevant important issues related to the cybersecurity review.

The Cybersecurity Review Office  shall concretely organize and implement the cybersecurity review.

Article 6: The Cybersecurity Review Committee shall appoint relevant experts to form a Cybersecurity Review Experts Committee to conduct a comprehensive evaluation on the security risks of network products and services and the security and trustworthiness of suppliers on the basis of the third-party evaluation.
Read the rest of this entry »

Opinions concerning Stimulating the Healthy and Orderly Development of the Mobile Internet

Posted on Updated on

Central Committee General Office

State Council General Office

Following the swift development of information network technology and the broad popularization of smart mobile terminals, mobile Internet has, with its prominent advantages of broad availability, connectivity, smartness and universality, powerfully promoted a profound convergence between the Internet and the real economy, it has become a new area for innovative development, a new platform for public services, and a new channel for information sharing. In order to deeply implement General Secretary Xi Jinping’s thinking about the strong cyber power strategy, and stimulate the orderly and healthy development of our country’s mobile Internet, the following opinions are hereby put forward. Read the rest of this entry »

National Cyberspace Security Strategy

Posted on Updated on

The broad application of information technologies and the rise and development of cyberspace has extremely greatly stimulated economic and social flourishing and progress, but at the same time, has also brought new security risks and challenges. Cyberspace security (hereafter named cybersecurity) concerns the common interest of humankind, concerns global peace and development, and concerns the national security of all countries. Safeguarding our country’s cybersecurity is an important measure to move forward the strategic arrangement of comprehensively constructing a moderately prosperous society, comprehensively deepening reform, comprehensively governing the country according to the law, and comprehensively and strictly governing the Party forward in a coordinated manner, and is an important guarantee to realize the “Two Centenaries” struggle objective and realize the Chinese Dream of the great rejuvenation of the Chinese nation. In order to implement Xi Jinping’s “Four Principles” concerning moving forward reform of the global Internet governance system and the “Five Standpoints” on building a community of common destiny in cyberspace, elaborate China’s important standpoints concerning cyberspace development and security, guide China’s cybersecurity work and safeguard the country’s interests in the sovereignty, security and development of cyberspace, this Strategy is formulated.

Read the rest of this entry »

Guiding Opinions concerning Strengthening the Construction of a Personal Sincerity System

Posted on Updated on

State Council General Office

GBF No. (2016)98

All provincial, autonomous region and municipal people’s governments, all State Council ministries and commissions, all directly subordinate bodies:

In order to carry forward the traditional virtue of sincerity, strengthen the sincerity consciousness of members of society, strengthen the construction of a personal sincerity system, praise sincerity and punish trust-breaking, raise the credit levels of the entire society and create a beneficial credit environment, with the approval of the State Council, these Opinions are hereby put forward. Read the rest of this entry »

Cybersecurity Law of the People’s Republic of China

Posted on Updated on

This translation was revised and edited by Paul Triolo, and is posted here with kind permission.

Table of Contents

Chapter I: General Provisions

Chapter II: Support and Promotion of Cybersecurity

Chapter III: Network Operations Security

Section 1: General Provisions

Section 2: Operations Security for Critical Information Infrastructure

Chapter IV: Network Information Security

Chapter V: Monitoring, Early Warnings, and Emergency Responses

Chapter VI: Legal Responsibility

Chapter VII: Supplementary Provisions

Chapter I: General Provisions

Article 1: This Law is formulated in order to ensure cybersecurity, safeguard cyberspace sovereignty and national security, and social and public interests, to protect the lawful rights and interests of citizens, legal persons, and other organizations, and to promote the healthy development of the informatization of the economy and society. Read the rest of this entry »

Measures on the Administration of Internet Live-streaming Services

Posted on Updated on

This translation was published first on China Law Translate, and is reposted here with kind permission.

Article 1: These Provisions are formulated on the basis of the “Standing Committee of the National of the National People’s Congress’s Decision on Strengthening Protections for Online Information”, the “State Council’s Notification of Authorization of the State Internet Information Office to be Responsible for Efforts to Management Internet Information Content”, “Measures for the Management of Internet Information Services”, and the “Provisions on the Management of Internet News Information Services” so as to strengthen management of internet live-streaming services, to protect the lawful rights and interests of citizens, legal persons, and other organizations, safeguard national security and the public interest.

Read the rest of this entry »

Cybersecurity Law of the People’s Republic of China (Third Reading Draft)

Posted on

This is an annotated translation of the Third Reading Draft of the Chinese Cybersecurity Law. Struck through text indicates text removed from the second draft, underlined text indicates text added to the third draft. This translation is based on ChinaLawTranslate’s translation of the first draft, to which I contributed and which is used with kind permission. 

Chapter I: General Provisions

Chapter II: Cybersecurity Strategy, Planning and Promotion

Chapter III: Network Operations Security

Section 1: General Provisions

Section 2: Operations Security for Critical Information Infrastructure

Chapter IV: Network Information Security

Chapter V: Monitoring, Early Warnings, and Emergency Response

Chapter VI Legal Responsibility

Chapter VII: Supplementary Provisions

Read the rest of this entry »

Cybersecurity Law moves towards promulgation

Posted on

Today, it was reported that China’s draft cybersecurity law has been presented to the National People’s Congress for a third reading. It is widely expected that this reading will accept the law, which will thus be promulgated soon. The following is a translation of a Xinhua report, which outlines the changes that have been made.

The third deliberation draft of the Cybersecurity Law was submitted to the NPC Standing Committee for deliberation on the 31st. The NPC Legal Committee indicated in its report concerning the draft’s deliberation results, that the third draft made a partial revision on the basis of the second draft, including a further planned definition of the scope of crucial information infrastructure; it also provides corresponding punishment measures against foreign organizations and individuals attacking or destroying our country’s crucial information infrastructure.

Planned further definition of the scope of critical information infrastructure. Read the rest of this entry »

Information Security Protection Guidelines for Industrial Control Systems.

Posted on Updated on

Information security in industrial control systems affects economic development, social stability and national security. In order to enhance the information security protection levels of industrial control systems in industrial enterprises (hereafter simply named industrial control security), and ensure the security of industrial control systems, these Guidelines are formulated.

These Guidelines apply to enterprises utilizing industrial control systems, as well as enterprise and undertaking work units engaging in industrial control system planning, design, construction, operations and maintenance, as well as evaluation.

Enterprises utilizing industrial control systems shall conduct industrial control security protection work well, on the basis of the following eleven aspects. Read the rest of this entry »

Opinions concerning Accelerating the Construction of Credit Supervision, Warning and Punishment Mechanisms for Persons Subject to Enforcement for Trust-Breaking

Posted on Updated on

 

Opinions concerning Accelerating the Construction of Credit Supervision, Warning and Punishment Mechanisms for Persons Subject to Enforcement for Trust-Breaking

CCP Central Committee General Office, State Council General Office

Information concerning people who are subject to enforcement for trust-breaking through a judicial procedure by a People’s Court is an important component of social credit information. Conducting credit supervision, warning and punishment of people subject to enforcement for trust-breaking, benefits stimulating persons subject to enforcement to consciously implement their duties established in valid legal documents, raises judicial credibility, and moves forward the construction of the social credit system. In order to accelerate the construction of credit supervision, warning and punishment mechanisms for people subject to enforcement for trust-breaking, the following Opinions are hereby formulated. Read the rest of this entry »