The Cyberspace Administration of China recently released the Cybersecurity Review Measures (Draft for Comment). According to the draft, where an operator of critical information infrastructure purchases a network product or service, it must make an ex ante assessment of the potential security risks that could emerge once the product or service is put into operation and produce a security report accordingly.
The Cyberspace Administration of China recently issued the Administrative Measures for Data Security (Draft for Comment), which include rules on the collection, storage, transfer, processing and use of data in China via websites, as well as data protection and management. Among other things, the draft measures encourage network operators that collect personal information through websites, apps and other products to formulate specific rules regarding the collection and use of such information.
The Cyberspace Administration of China recently held a public consultation on the Provisions on the Cyber Protection of Personal Information of Children (Draft for Comment). The draft provisions set out a number of recommendations for network operators, including formulating special rules to protect children's personal information and user agreements and employing a personal information protection specialist or designating personnel to oversee the protection of children's personal information.
For foreign investors with an eye on the Chinese insurance market, obtaining an insurance intermediary licence is a good idea. However, compared with insurance brokerage licences, insurance agency licences are difficult for foreign investors to obtain. Therefore, foreign investors that wish to acquire control over a Chinese insurer should consider either setting up a new foreign-invested insurer or acquiring an existing foreign-invested insurer.
The Cyberspace Administration of China recently released the Measures on Security Assessment of Cross-Border Transfer of Personal Information (Draft for Comment). According to the draft, network operators must apply to the provincial-level cyberspace administration for a security assessment before conducting cross-border transfers. Further, network operators must record all cross-border transfers and retain the records for at least five years.
During the past five years, the Chinese courts and arbitration institutions have handled major disputes relating to reinsurance contracts. These cases prompted legislation in the reinsurance sector and drew attention to the need for more careful wording in reinsurance contracts. This article provides an overview of several essential provisions in reinsurance contracts under Chinese law.
The Ministry of Commerce of China recently announced the establishment of an Unreliable Entity List (UEL) targeting foreign entities and individuals that (among other things) fail to comply with the principles of the market economy or threaten China's national security. It is anticipated that the UEL will rely heavily on the Anti-monopoly Law, especially in relation to foreign entities with a noticeable market presence in China.
The China Banking and Insurance Regulatory Commission was recently formally unveiled in Beijing, marking the official launch of the new regulatory authority. This merger of the former China Banking Regulatory Commission and China Insurance Regulatory Commission is the biggest reform of China's financial regulatory system in more than 15 years and marks the start of the 'one committee, one bank, two commissions' regulation framework.
The China Banking and Insurance Regulatory Commission plans to abolish two of the requirements that foreign insurance brokerage companies must meet in order to conduct business in China (ie, 30 years of business operation history and $200 million worth of total assets). If this reform takes place, domestic and foreign investors are expected to have equal status when entering the Chinese insurance brokerage market.
The Security Protection Bureau of the Ministry of Public Security, the Beijing Cyber Industry Association and Research Institute Number 3 of the Ministry of Public Security recently issued the Guidelines for the Protection of Personal Information Security on the Internet, which set out a series of measures and processes for the protection of personal information. Although the guidelines appear to be non-binding, they are likely to be treated as a statute-like norm.
The Shanghai Market Regulation Bureau (SMRB) recently issued a penalty decision addressed to Eastman (China) Investment Management Co, Ltd, a Chinese subsidiary of US Chemical firm Eastman Chemical Company. Since this is the first antitrust enforcement decision to be issued by the SMRB since its establishment, it has drawn significant attention from commentators who have attempted to identify the bureau's enforcement approach.
Following the Chinese Central TV Station's (CCTV's) broadcast of the 3.15 programme in 2019, the Ministry of Industry and Information Technology decided to crack down on telephone harassment and strengthen the protection of personal information in the telecoms and internet sectors. The CCTV will broadcast 3.15 on 15 March each year in order to reveal company activities which infringe consumer rights and interests.
Although still fairly new, the State Administration for Market Regulation (SAMR) diligently investigated and penalised monopolistic behaviour in 2018, publishing a dozen cases alongside its local enforcement agencies which attracted media attention. Notably, livelihood-related industries (including the pharmaceutical industry) and trade associations appeared to come under the SAMR's spotlight.
The Shanghai Consumer Council recently released the results of its assessment of 39 apps, which aimed to evaluate the level of access that they had to users' personal information. The assessment revealed that 25 apps had been over collecting users' personal information and that only 14 apps had actual service-related reasons justifying their collection of sensitive personal information.
The Shenzhen Municipality Justice Bureau recently issued draft regulations on the administration of public security video and image systems for public comment. The draft regulations aim to protect public privacy and strengthen internet information security and information sharing by prohibiting the installation of video and image recording systems in certain locations which concern public privacy. Individuals and entities which fail to comply with the regulations will be subject to fines.
The National People's Congress recently passed and published revisions to the Anti-unfair Competition Law. The revisions focus primarily on trade secret infringement, as trade secrets are regarded as one of the core competitive advantages in today's business world. The main amendments include widening the definition of 'infringer', increasing penalties for infringement and alleviating the burden of proof for plaintiffs.
The State Administration for Market Regulation recently issued a notification which aims to encourage local market regulatory departments to crack down on false and unlawful online advertising and create a positive market environment for online ads. According to the notification, local market regulatory authorities will investigate and severely penalise unlawful online ads which concern, among other things, politically sensitive, vulgar or socially influential issues.
The refusal of the Chinese antitrust authority to green light the Qualcomm/NXP merger garnered significant attention and shone a spotlight on China's merger review practice, particularly with regard to the chip industry. This article provides an overview of Chinese merger control by examining the major chip industry mergers that the former Ministry of Commerce and the current State Administration for Market Regulation have approved with remedies to date.
A Guangdong province public security bureau recently fined an individual for using virtual private network (VPN) software to evade Chinese internet censorship in accordance with the Interim Provisions of the People's Republic of China governing the International Interconnection of Computer-Based Information Networks. Although the provisions were enacted in 1996, this is reportedly the first time that an individual has been punished for using VPN software to evade internet censorship.
The Cyberspace Administration of China, the Ministry of Industry and Information Technology, the Ministry of Public Security and the State Administration for Market Regulation recently announced that they had launched a campaign to stop apps from unlawfully collecting and processing personal data. The announcement sets out the obligations of various parties with regard to the collection and processing of personal data, including app operators, associations, authorities and public security organs.