Library of Congress

Law Library of Congress

The Library of Congress > Law Library > News & Events > Global Legal Monitor

China: Cybersecurity Provisions in Proposed or Recently Passed Laws

(Aug. 25, 2015) China’s legislature is considering passage of a comprehensive cybersecurity law. The proposed law on counterterrorism and two other recently passed laws also contain notable cybersecurity provisions. Some of the key features of the provisions are outlined below. The telecommunications regulations governing telecommunications companies (including Internet service providers (ISPs)), which were amended in July 2014, remain unchanged. (Dianxin Tiaoli [Telecommunications Regulations] (promulgated Sept. 25, 2000, last amended on July 29, 2014), Ministry of Industry and Information Technology website.)

Draft Cybersecurity Law

In July 2015, a 68-article draft Cybersecurity Law was released for solicitation of public opinions and comments; the review period expired on August 5, 2015. (Draft Cybersecurity Law (published July 7, 2015), National People’s Congress of the People’s Republic of China (NPC) website (in Chinese).) The draft law sets forth a detailed plan on cyber monitoring and regulation. The draft requires all network operators to check the identity of users before giving them Internet access. (Draft Cybersecurity Law, art. 20.) Electronic information delivery service providers and application software downloading service providers must also report users who transmit information prohibited by laws and regulations. (Id. art. 41.)

The draft Cybersecurity Law postulates a government system for inspecting and recording Internet activities. (Id. art. 44.) It urges that, “as needed to protect national security and social and public order and responding to major social safety emergencies,” the State Council, or local governments at the provincial level subject to the State Council’s approval, can temporarily restrict Internet communication in an area. (Id. art. 50.)

Draft Counterterrorism Law

Article 15 of the draft Counterterrorism Law requires network and information system operators doing business in China to install interfaces in their products and service plans allowing government monitoring and to submit their encryption scheme to the government for examination. (Draft Counterterrorism Law (published Nov. 3, 2014), art. 15, NPC website (in Chinese).) The draft also requires telecommunications operators and ISPs in China to keep their devices, equipment, and data in China if it is related to their Chinese business. (Id. art. 15.) Telecommunications operators and ISPs must use Internet security techniques and content-monitoring systems to prevent the transmission and distribution of terrorism-related information and report any such information and its users to the government. (Id. art. 16.)

National Security Law

The National Security Law that was passed on July 1, 2015, and became effective the same day states that the country will protect its national sovereignty in cyberspace and will establish a system to inspect and supervise the information technology products and services that affect or may have an effect on national security. (Guojia Anquan Fa [National Security Law] (promulgated by the NPC Standing Committee and effective on July 1, 2015), arts. 25 & 59, XINHUANET.)

Counterespionage Law

Under the Counterespionage Law enacted on November 1, 2014, national security departments are authorized to inspect and under certain circumstances seize an individual or organization’s equipment and facilities, especially telecommunications devices such as cellphones, tablets, and laptops, to meet counterespionage needs. (Fan Jiandie Fa [Counterespionage Law] (promulgated by the NPC Standing Committee on Nov. 1, 2014), art. 13, NPC website.)

Prepared by Qiu Shi, Law Library Intern, under the supervision of Laney Zhang, Senior Foreign Law Specialist.