China Passes Network Security Law

10 November 2016
View Client Update

Key takeaways

  • On November 7, 2016, the Standing Committee of the National People’s Congress of China adopted the Network Security Law, which will come into force on June 1, 2017. The country’s first-ever law devoted solely to cybersecurity codifies a variety of cyber-crimes such as illegally obtaining or selling personal information, disseminating malicious software or “prohibited information,” and online fraud. 
  • It also imposes obligations on “Network Operators” with regard to the protection of personal information, content monitoring for “prohibited information,” and cooperation with the authorities. 
  • The Law also imposes additional data localization, data transfer restrictions, and cybersecurity obligations on “Critical Information Infrastructure Operators”.
  • Further, it envisions pre-approval of “critical network equipment” and “specialized cyber-security products” and security screening for “network products or services.”