It has been more than three months since the PRC Cyber Security Law (“海涛论坛CSL海涛论坛”) has taken effect on 1 June 2017. Except for the Provisions on Examination of Network Products and Services (Trial) (“海涛论坛NPS Provisions海涛论坛”) which have come into effect on the same day as the CSL, other regulations to supplement and implement the CLS have not yet been enacted. So far, only some supplementary regulations are available in draft versions for public consultation purposes.
On 10 July 2017, the Cyberspace Administration of China (“海涛论坛CAC海涛论坛”) issued a draft of the Regulations for Protection of Critical Information Infrastructure (“海涛论坛CII Regulations海涛论坛”) for public consultation. Given the stringent requirements for “keeping data in China” and “national security assessments” which are initially provided under the CSL for the Critical Information Infrastructure (“海涛论坛CII海涛论坛”) and CII Operators, the draft CII Regulations which are intended to provide clarifications on the CII and CII Operators have generated a lot of attention from companies in private sectors.
Despite of the early stages, the PRC authorities have already taken initiatives to enforce the CSL towards governmental and quasi-governmental entities (i.e. those non-operational entities directly or indirectly supervised or set up by government authorities).
The new developments are mainly in:
海涛论坛1. Legislative Development – Draft CII Regulations海涛论坛
海涛论坛2. 海涛论坛Internal CII Guidelines海涛论坛海涛论坛
海涛论坛3. 海涛论坛Obligations of CII Operators海涛论坛海涛论坛
海涛论坛4. 海涛论坛Enforcement Initiatives海涛论坛海涛论坛
To read the details of this article, please click "read more" below.