China: Cybersecurity Review Measures Adopted

On 28 December 2021, the Cyberspace Administration of China (CAC), after working together with a number of other government ministries, adopted the Cybersecurity Review Measures containing cybersecurity measures for critical information infrastructure and network platform operators. The Measures apply to critical information infrastructure operators which purchase network products or services potentially affecting national security, as well as network platform operators engaging in data processing activities that may affect national security. The Measures also apply to network platform operators with personal information of over 1 million users planning to enter a public listing abroad. The affected entities must apply request the Cybersecurity Review Office to conduct a cybersecurity review when they plan to engage in the specified activities. In conducting the review, the Office will consider, for example, whether there is a risk of illegal control, interruption of service supply, or data theft. The Measures will enter into effect on 15 February 2022.