ARTICLE
20 October 2022

Brief Comments On Draft Amendment Of China's Cybersecurity Law

ZL
Zhong Lun Law Firm

Contributor

Zhong Lun Law Firm logo
Zhong Lun Law Firm, which has achieved a leading market position in China, with over 370 equity partners, more than 2,400 professionals, and close inter-department collaborations among 18 offices, is capable to provide clients with high-quality legal services in more than 60 jurisdictions across a wide range of industries and sectors.
Explore Firm Details
On 12 September 2022, the CAC circulated for public comment the Decision to Amend the Cybersecurity Law of the People's Republic of China (Draft to Solicit Comments).
China Technology
Photo of Peng Cai
Authors

On 12 September 2022, the CAC circulated for public comment the Decision to Amend the Cybersecurity Law of the People's Republic of China (Draft to Solicit Comments).

The draft amendment of the Cybersecurity Law addressed the following perspectives:

  1. Highlighting the importance of cybersecurity management tools. The Graded Protection System for Cybersecurity and the Catalog of Critical Network Equipment and Specialized Cybersecurity Products(“Catalog”) have become the core tools for cybersecurity management. The Graded Protection System for Cybersecurity is the security certification and management measure for network access systems, while the Catalog has become a market access gateway for critical network equipment. Violation of the above requirements will be subject to severe penalty.

  2. Emphasizing the core obligations of the Critical Information Infrastructure Operator (“CIIO”). The existing provisions do not clarify what kind of network operator would be defined as a CIIO. In practice, it mainly counts on the notice from regulatory authorities. We suggest companies conduct self-identification and communicate with the regulatory authorities in a proactive manner to determine whether they are CIIO or not. The draft amendment would raise the financial penalties for non-compliance of CIIOs to an unprecedented level of up to 5% of its last annual turnover.

  3. Underlining Information Security and Content Security. Network operators' infringement of the aforementioned requirement will be subject to severe penalties such as a business operation ban or even withdrawal from the market. The personnel concerned will be subject to a qualification ban for a certain period of time.

Throughout the draft provisions published by the Cyberspace Administration of China, the amendment mainly focuses on aggravating administrative penalties on the perspectives mentioned above, further highlighting the importance of cybersecurity to national security.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Peng Cai
Peng Cai
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More