Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry
Posted in Policy & Regulation, Technology Photo of Jun WeiPhoto of Sherry GongPhoto of Nolan ShawPhoto of Andrew McGintyPhoto of Mark Parsons

China’s second draft of the Cyber Security Law continues to propose more stringent regulation of cyberspace

shutterstock_85035682-300x225On 6 July 2016, a second draft of the People’s Republic of China Cyber Security Law was released to the public for comment following its second reading by the Standing Committee of the National People’s Congress.  The deadline for submitting comments on the second draft is 4 August 2016.

Given the growing cyber threat globally, the Chinese move towards more rigorous cyber security regulation is in line with international trends.  However, the specific approach to regulation being taken in China is a clear outlier, primarily for the broad and often imprecise terminology used in the draft law and also for the invasive and potentially discriminatory nature of the regulation.  Reaction to the draft law, therefore, has been confusion as to who the law will apply to and what requirements the law will bring to those within its reach.  More broadly, the Cyber Security Law has raised fundamental concerns about regulatory intention, and in particular whether or not the law is meant to close certain areas of business to foreign participation.

In our commentary on the first draft of the Cyber Security Law, we categorised three principal areas of interest in the cyber security regulation as:

Technology regulation: Pre-market certification requirements for technology that may be catalogued as being “critical network equipment” or “specialized cyber security products”.
Co-operation with authorities: Imposed duties on “network operators” to provide technical support and assistance in national security and criminal investigations; and.
Data localisation: Requirements for “critical information infrastructure operators” to store data gathered and produced in China on Chinese soil.

Our briefing here focusses on how these key aspects are carried forward in the second draft.  We also place the Cyber Security Law within the greater context of increased regulation of cyber space in China generally, as seen in recent laws and regulations on counter-terrorism, online publishing, and sector-specific draft regulations for banking and insurance, among others.

For our full briefing, please click here.  For a copy of our in-house English translation of the second draft, please email one of our listed contacts or your usual contact person within our firm.