China: Consultation closed on Cybersecurity Law Amendments

On 29 September 2022, the Cyberspace Administration of China (CAC) closed the public consultation on the "Decision on Amending the Cybersecurity Law of the People's Republic of China (Draft for Comment)". The proposed amendments would introduce higher penalties for violations of the Cybersecurity Law, including violations of general network operation security provisions, critical information infrastructure provisions, and network information security. Notably, particularly serious violations of network security or network information security protection obligations would be punishable by fines starting at RMB 1 million and capped at either RMB 50 million or 5% of a company's turnover from the previous year. Critical information infrastructure operators using unapproved security products would be fined at least the purchase price of the product in question and up to either ten times the purchase price or 5% of the operator's turnover from the previous year. Fines for individuals who are responsible for particular breaches would also be increased. Finally, Art.70 of the amended Cybersecurity Law would introduce the power to issue similar fines to individuals or organisation spreading prohibited information, including information that endangers national security, advocates terrorism, pornographic content, and false information.