Latest updates

Beijing Communications Administration examines app network and data security
AnJie Law Firm
  • China
  • 31 January 2020

The Beijing Communications Administration recently organised a two-month examination of the network and data security of apps to target the illegal, compulsory and excessive collection of user information. The examination selected 50 apps with a certain influence and number of users, covering social media, online rental and automotive services, online education, finance, online medical care, basic telecoms enterprises and six other areas.

Publication of cybersecurity threat information subject to government approval
AnJie Law Firm
  • China
  • 24 January 2020

The Cyberspace Administration of China recently published the Administration Measures for Releasing Cybersecurity Threat Information (Draft for Comments) to solicit public opinions. According to the draft measures, the publication of cybersecurity threat information must be reported to regulators in a number of specific circumstances.

Educational apps must be filed with education administrative departments
AnJie Law Firm
  • China
  • 10 January 2020

The Ministry of Education recently published the Administrative Measures for the Filing of Educational Apps. The administrative measures require providers of educational apps and institutional users of educational apps to go through filing procedures and indicate that the ministry is tightening controls on educational apps in China.

China strengthens regulation of online audiovisual services
AnJie Law Firm
  • China
  • 03 January 2020

The Administrative Provisions on Online Audiovisual Information Services, which were jointly issued by the Cyberspace Administration of China and two other departments in November 2019, recently came into effect. The provisions set out requirements for the creation, distribution and transmission of audio videos based on new technologies and applications such as deep learning and virtual reality.

Shanghai Cyberspace Administration releases 2019 Network Security Incident Contingency Plan
AnJie Law Firm
  • China
  • 20 December 2019

The Shanghai Cyberspace Administration recently released the 2019 Network Security Incident Contingency Plan. According to the contingency plan, network security incidents in Shanghai are classified as Grade I, Grade II, Grade III and Grade IV. If a network security incident occurs, the relevant entity must report it to the competent authority verbally within half an hour and in writing within one hour.

New cryptography law comes into force
AnJie Law Firm
  • China
  • 13 December 2019

The Standing Committee of the National People's Congress recently approved the Cryptography Law. Under the law, cryptography is divided into core cryptography, ordinary cryptography and commercial cryptography. If a commercial cryptography product concerns state security, the national economy, people's livelihoods or social public interests, it will be included in the catalogue of critical network equipment and dedicated cybersecurity products under the law.

Draft rules on collection of personal data by apps revised
AnJie Law Firm
  • China
  • 06 December 2019

The App Governance Panel recently published a new draft of the Information Security Technology – Basic Specification for Collecting Personal Information in Mobile Internet Applications. Among other things, the new draft sets out requirements for apps that contain third-party codes or plug-ins which can collect personal data and revises the list of 'necessary' personal data for a variety of apps.

Revised Personal Information Security Specification released for public consultation
AnJie Law Firm
  • China
  • 29 November 2019

The App Governance Panel recently released a revised version of the Personal Information Security Specification for public consultation following the previous draft versions published in June and January 2019. The revised draft includes amendments regarding unsubscribing from online services and the obligations of data controllers and processors in that regard.

PBoC proposes new rules to regulate collection and processing of personal financial information
AnJie Law Firm
  • China
  • 08 November 2019

The People's Bank of China recently issued the Trial Measures for the Protection of Personal Financial Information/Data (Preliminary Draft) to relevant commercial banks in order to solicit their opinions. It has been reported that under the trial measures, banks and other financial institutions will be unable to obtain personal financial information from third parties that are illegally engaged in personal credit investigation activities.

Guiding Opinions on Promoting the Development of the Network Security Industry published for public comment
AnJie Law Firm
  • China
  • 01 November 2019

The Ministry of Industry and Information Technology recently published the Guiding Opinions on Promoting the Development of the Network Security Industry for public comment. According to the opinions, the ministry aims to have a number of cybersecurity enterprises generating an annual revenue of over Rmb2 billion by 2025. As such, the opinions provide a list of recommendations to that end.

Educational apps must be officially registered by end of 2019
AnJie Law Firm
  • China
  • 25 October 2019

The Ministry of Education and seven other authorities recently published the Opinions on Guiding and Regulating the Orderly and Healthy Development of Educational Apps. The aim is that all educational mobile apps will be registered by the end of 2019. To this end, providers of such apps must file details of their apps with provincial education administrations and adhere to data protection rules.

Regulations on Network Eco-governance issued for public comment
AnJie Law Firm
  • China
  • 18 October 2019

The Cyberspace Administration of China recently published the draft Regulations on Network Eco-governance for public consultation. The regulations apply to the actions of network information content producers, network information content service platforms and network information content service users, which are prohibited from producing illegal or harmful information.

Email addresses and location information likely to fall within scope of 'personal information'
AnJie Law Firm
  • China
  • 11 October 2019

The draft Civil Code was recently submitted to the Standing Committee of the 13th National People's Congress for a third reading. Compared with the first and second drafts, the third draft expands the scope of the definition of 'personal information' to cover email addresses and location information.

Final rules on protection of children's personal information issued
AnJie Law Firm
  • China
  • 04 October 2019

The final version of the Provisions on the Cyber Protection of Personal Information of Children recently came into effect. According to the provisions, network operators must formulate separate rules and user agreements to protect children's personal information and designate a dedicated person to oversee the protection of such information.

New Guiding Opinions on Strengthening Industrial Internet Safety
AnJie Law Firm
  • China
  • 27 September 2019

The Ministry of Industry and Information Technology and nine other authorities recently published the Guiding Opinions on Strengthening Industrial Internet Safety in the context of establishing China's industrial internet security guarantee system. According to the opinions, the industrial internet security guarantee system should be established by the end of 2020 and be a sound and reliable mechanism by 2025.

Cyberspace administration passes review on precondition for purchase contracts for network products and services
AnJie Law Firm
  • China
  • 02 August 2019

The Cyberspace Administration of China recently released the Cybersecurity Review Measures (Draft for Comment). According to the draft, where an operator of critical information infrastructure purchases a network product or service, it must make an ex ante assessment of the potential security risks that could emerge once the product or service is put into operation and produce a security report accordingly.

CAC issues data security rules
AnJie Law Firm
  • China
  • 26 July 2019

The Cyberspace Administration of China recently issued the Administrative Measures for Data Security (Draft for Comment), which include rules on the collection, storage, transfer, processing and use of data in China via websites, as well as data protection and management. Among other things, the draft measures encourage network operators that collect personal information through websites, apps and other products to formulate specific rules regarding the collection and use of such information.

Cyberspace Administration of China issues rules on protection of children's personal information
AnJie Law Firm
  • China
  • 19 July 2019

The Cyberspace Administration of China recently held a public consultation on the Provisions on the Cyber Protection of Personal Information of Children (Draft for Comment). The draft provisions set out a number of recommendations for network operators, including formulating special rules to protect children's personal information and user agreements and employing a personal information protection specialist or designating personnel to oversee the protection of children's personal information.

Cyberspace administration releases new rules on security assessment of cross-border transfers of personal information
AnJie Law Firm
  • China
  • 12 July 2019

The Cyberspace Administration of China recently released the Measures on Security Assessment of Cross-Border Transfer of Personal Information (Draft for Comment). According to the draft, network operators must apply to the provincial-level cyberspace administration for a security assessment before conducting cross-border transfers. Further, network operators must record all cross-border transfers and retain the records for at least five years.

Police authorities issue guidelines on protection of personal information
AnJie Law Firm
  • China
  • 31 May 2019

The Security Protection Bureau of the Ministry of Public Security, the Beijing Cyber Industry Association and Research Institute Number 3 of the Ministry of Public Security recently issued the Guidelines for the Protection of Personal Information Security on the Internet, which set out a series of measures and processes for the protection of personal information. Although the guidelines appear to be non-binding, they are likely to be treated as a statute-like norm.

Current search