Since the implementation of the Cybersecurity Law on 1 June 2017, a series of supplementary implementing measures have been publicized. To help enterprises better understand their compliance obligations under these rules, this article analyzes the legal framework of the Cybersecurity Law and raises some practical suggestions.
Senior partner
AllBright Law Offices
Applicable subjects. Any enterprise that “builds, operates, maintains, and uses the internet” in China is subject to the Cybersecurity Law. Specifically, the Cybersecurity Law applies to “network operators”, which cover “network owners, administrators and network service providers”.
Among all the network operators, some are referred to as “critical information infrastructure operators” (CIIOs). CIIOs are network operators related to public services and peoples’ livelihoods. Providers of network products and services, and any individual, enterprise and social organization that uses interactive information systems to communicate should also comply with the Cybersecurity Law.
Associate
AllBright Law Offices
Specific compliance obligations. The Cybersecurity Law aims to achieve protection at…
