Cyber Security in China and Data Protection
Background
With China's new Cybersecurity Law, effective 1st June 2017, businesses in China will find themselves facing increased internet regulation with the aim to protect Critical Information Infrastructure (CII). Critical Information Infrastructure is broadly defined in Article 31 of the law as "public communication and information services, power, traffic, water, finance, public service, electronic governance and other critical information infrastructure that if destroyed, losing function or leaking data might seriously endanger national security, national welfare and the people's livelihood, or the public interest”.
Important definitions relevant to the law are found in Article 76 of the law.
"Networks" refers to systems comprised of computers or other information terminals and related equipment that follow certain rules and procedures for information gathering, storage, transmission, exchange and processing.
"Network security" refers to taking necessary measures to prevent network attacks, incursions, interference, destruction and their unlawful use, as well as unexpected accidents; to put the networks in a state of stable and reliable operation, as well as ensuring the capacity for network data to be complete, confidential and usable.
"Network operators" refers to network owners, managers and network service providers.
"Network data" refers to all kinds of electronic data collected, stored, transmitted, processed, and produced through networks.
"Personal information" refers to all kinds of information, recorded electronically or through other means, that taken alone or together with other information, is sufficient to identify a natural person's identity, including, but not limited to, natural persons' full names, birth dates, identification numbers, personal biometric information, addresses, telephone numbers, and so forth.
If you want more details, please click this link.
Cyber Security in China and Data Protection中英.pdf
