The Cybersecurity Law (CSL), China’s first fundamental law to comprehensively regulate cybersecurity issues, is about to undergo its first revision. A key feature of the proposed amendments is a significant increase in penalties for network operators and critical infrastructure operators that fail to comply with relevant cybersecurity protection obligations. For example, the fine range for… Continue reading Cybersecurity Law: Fines Significantly Increased
Tag: network operator
Certification for Systems of Data Security Management
The Chinese Government has been encouraging companies to have mobile app certifications for some time. Search engines and app stores are encouraged to prioritize applications from companies that have certifications. Now, enterprise data security management certification is also to be developed. In early June 2022, the General Administration of Market Supervision and the Office of… Continue reading Certification for Systems of Data Security Management
Who Is Operator of Critical Information Infrastructure?
Critical Information Infrastructure Operators (CIIOs) are a central and so far vague concept of China’s new cybersecurity and data protection system. With the regulations on critical information infrastructure protection (“the regulations”) that came into force on September 1, 2020, the government is now creating more transparency, but at the same time increasing the pressure on… Continue reading Who Is Operator of Critical Information Infrastructure?
MLPS 2.0: China Steps Up Its Cybersecurity Inspections
Implementation of the Cyber Security Law through the Multi Level Protection Scheme (MLPS 2.0) is mandatory for all companies established in China. Because implementation has been slow, the government has now stepped up cybersecurity monitoring and is urging companies to fulfill their MLPS obligations. The authorities are particularly targeting the industrially strong regions, where many… Continue reading MLPS 2.0: China Steps Up Its Cybersecurity Inspections
The Long Arm of the Law: New Draft Law on the Protection of Personal Data
China continues to improve data protection with the Personal Information Protection Law (PIPL). The law, along with the Cyber Security Law and the Data Security Law (still in draft form), will further strengthen personal data protection and have a profound impact on companies inside and outside China. Foreign companies need to pay particular attention to… Continue reading The Long Arm of the Law: New Draft Law on the Protection of Personal Data