PUBLISHING AUTHORITY:

Cyberspace Administration of China

DATE:

September 14, 2022

On September 14, the Cyberspace Administration of China (CAC) issued the Decision on Amending the Cybersecurity Law of the People's Republic of China (Draft for Comments) (the “Draft”).

The Draft mainly makes six changes, mainly focusing on the improvement of the legal liability system of Cybersecurity, increasing the penalties for violations, and strengthening the regulation of operators of critical information infrastructure.

The Draft suggested that the fine for internet operators who fail to take measures to prevent computer viruses or online attacks, or effectively monitor the network operation, shall be increased from the current legal maximum of 100,000 yuan ($14,371) to 1 million yuan if their behavior infringes on national cybersecurity or if they refuse to rectify their flaws after being warned of them.

If the situation is "extremely serious", violators could be fined up to 50 million yuan, or to an equivalent of 5% of their previous year's revenue, according to the administration.

In addition, the Draft would also coordinate with the Personal Information Protection Law by adding transitional provisions.

Reference:

关于公开征求《关于修改〈中华人民共和国网络安全法〉的决定（征求意见稿）》意见的通知