China: Consultation opened for Draft Regulations on the Administration of Network Data Security including cybersecurity requirements

Description

Consultation opened for Draft Regulations on the Administration of Network Data Security including cybersecurity requirements

On 14 November 2021, the consultation for the Draft Regulations on the Administration of Network Data Security opened. The draft in question is intended to implement and to further specify the details of the (i) Cybersecurity Law, (ii) Data Security Law and the (iii) Personal Information Protection Law (PIPL). As the draft provides, companies shall improve their data security management systems (Art. 6). Moreover, carrying out the activities listed under article 13 of the draft, data processors shall apply for cybersecurity review in accordance with the relevant regulations (Art. 13). The consultation will be open until 13 December 2021.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2021-11-14
under deliberation

On 14 November 2021, the Draft Regulations on the Administration of Network Data Security have been…

2021-11-14
in consultation

On 14 November 2021, the consultation for the Draft Regulations on the Administration of Network Da…

2021-12-13
processing consultation

On 13 December 2021, the consultation for the Draft Regulations on the Administration of Network Da…

2024-08-30
adopted

On 30 August 2024, the State Council of China approved the Network Data Security Management Regulat…

2025-01-01
in force

On 1 January 2025, the Network Data Security Management Regulation enters into force. The Regulatio…

Key regulatory dimensions

Regulated subjects

The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type Private organisation
Economic activity cross-cutting
Category All
2
Type Other corporate representative
Economic activity cross-cutting
Category All

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): data processing
Regulatory tool
Preventive security requirement
Audit requirement
Sanctions
Fine
Suspension of business
Termination of business
Termination of business license
Regulated subjects
1
Regulatory tool
Sanctions
Fine
Regulated subjects
2

Policy change by business practice

The detailed activities within the scope of this policy or regulatory change.

personal data (all forms): data processing

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.