Scribd Logo
Upload

Welcome to Scribd!

  • Ali AR 68

    Uploaded by

    Lieder CL
    10 views1 page
    The document discusses China's regulations around internet security and privacy. It outlines key laws like the National Security Law and Cybersecurity Law that establish security review processes for technologies and services that could impact national security. Network operators and service providers face requirements to address security issues, protect user privacy, and report vulnerabilities. The government regulates the collection and sharing of personal user information by internet companies.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses China's regulations around internet security and privacy. It outlines key laws like the National Security Law and Cybersecurity Law that establish security review processes for technologies and services that could impact national security. Network operators and service providers face requirements to address security issues, protect user privacy, and report vulnerabilities. The government regulates the collection and sharing of personal user information by internet companies.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views1 page

    Ali AR 68

    Uploaded by

    Lieder CL
    The document discusses China's regulations around internet security and privacy. It outlines key laws like the National Security Law and Cybersecurity Law that establish security review processes for technologies and services that could impact national security. Network operators and service providers face requirements to address security issues, protect user privacy, and report vulnerabilities. The government regulates the collection and sharing of personal user information by internet companies.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Business Overview

    Internet security in China is also regulated and network equipment, high-performance computers
    restricted from a national security standpoint. On July and servers, mass storage devices, large databases
    1, 2015, the National People’s Congress Standing and application software, network security equipment,
    Committee promulgated the National Security Law, cloud computing services, and other products and
    which took effect on the same date and replaced services that have an important impact on the security
    the former National Security Law promulgated in of critical information infrastructure which affects or
    1993. According to the National Security Law, the may affect national security is subject to cybersecurity
    state shall ensure that the information system and review by the Cybersecurity Review Office.
    data in important areas are secure and controllable.
    In addition, according to the National Security Law, The Cyberspace Administration is responsible for
    the state shall establish national security review and organizing and implementing cybersecurity reviews,
    supervision institutions and mechanisms, and conduct while the competent departments in key industries
    national security reviews of key technologies and IT such as finance, telecommunications, energy and
    products and services that affect or may affect national transport shall be responsible for organizing and
    security. There are uncertainties on how the National implementing security review of cyber products and
    Security Law will be implemented in practice. services in their respective industries or fields.

    On November 7, 2016, the National People’s Congress On November 15, 2018, the Cyberspace Administration
    Standing Committee promulgated the Cybersecurity issued the Provisions on Security Assessment of the
    Law, which came into effect on June 1, 2017, and Internet Information Services with Public Opinion
    applies to the construction, operation, maintenance Attributes or Social Mobilization Capacity, which came
    and use of networks as well as the supervision into effect on November 30, 2018. The provisions
    and administration of cybersecurity in China. The require ICPs to conduct security assessments on their
    Cybersecurity Law defines “networks” as systems that Internet information services if their services include
    are composed of computers or other information functions that provide channels for the public to
    terminals and relevant facilities used for the purpose express opinions or have the capability of mobilizing
    of collecting, storing, transmitting, exchanging and the public to engage in specific activities. ICPs must
    processing information in accordance with certain conduct self-assessment on, among other things, the
    rules and procedures. “Network operators,” who are legality of new technology involved in the services
    broadly defined as owners and administrators of and the effectiveness of security risk prevention
    networks and network service providers, are subject measures, and file the assessment report with the
    to various security protection-related obligations local competent cyberspace administration authority
    including, among others, security protection, user and public security authority.
    identity verification, cybersecurity emergency response
    plans and technical assistance. Regulation of Privacy Protection
    Under the ICP Measures, ICPs are prohibited from
    According to the Cybersecurity Law, network service
    producing, copying, publishing or distributing
    providers must inform users about and report to
    information that is humiliating or defamatory to others
    the relevant authorities any known security defects
    or that infringes upon the lawful rights and interests of
    and bugs, and must provide continuous security
    others. Depending on the nature of the violation, ICPs
    maintenance services for their products and services.
    may face criminal charges or sanctions by PRC public
    Network products and service providers shall not
    security authorities for these acts, and may be ordered
    contain or provide malware. Network service providers
    to suspend temporarily their services or have their
    who do not comply with the Cybersecurity Law may
    licenses revoked.
    be subject to fines, suspension of their businesses,
    shutdown of their websites, and revocation of their Under the rules issued by the MIIT, ICPs are also
    business licenses. prohibited from collecting any personal user
    information or providing any information to
    On April 13, 2020, the Cyberspace Administration,
    third parties without the consent of the user. The
    the NDRC, the MIIT, and several other governmental
    Cybersecurity Law provides an exception to the consent
    authorities jointly issued the Measures for
    requirement where the information is anonymous, not
    Cybersecurity Review, or the Cybersecurity Review
    personally identifiable and unrecoverable. ICPs must
    Measures, which came into effect on June 1, 2020.
    expressly inform the users of the method, content
    According to the Cybersecurity Review Measures, the
    and purpose of the collection and processing of user
    purchase of cyber products and services including core
    personal information and may only collect information

    76 Alibaba Group Holding Limited

    You might also like