Today, China’s much anticipated Network Security Law comes into effect after two years of review, revisions over three drafts and a public commenting process. The law is a historical development for China’s legislative coverage of information security and data protections. It also represents one of the strictest approaches in any jurisdiction worldwide, and a continuation of a broader effort at demonstrating the government’s cyber-sovereignty goals through control and regulation of data and the internet.

Overview of the Network Security Law

Commonly referred to as the “Cybersecurity Law,” the new piece of legislation has a broad scope and covers a range of issues related to data privacy, security and cross-border transfers, including:

  • Increasing security measures and strengthening data security through a variety of specific obligations
  • Ensuring consent for collection of personal information through the principles of legality, proper justification and necessity
  • Screening equipment and products for security testing and certification
  • Ensuring real-name registration for users
  • Strengthening requirements to cooperate with government agencies during criminal investigations or to protect national security
  • Requiring personal information to be stored in China under some circumstances
  • Increasing confidentiality measures for user information
  • Setting up a complaint and reporting platform for network security

Continue Reading China’s Network Security Law Comes into Effect: What It Means for Your Company