财新传媒 财新传媒

阅读:0
听报道

By: Zhiwei Chen

On September 15, 2018, the Ministry of Public Security ("MPS") issued the Provisions on Internet Security Supervision and Inspection by Public Security Organs (the "Provisions"). The Provisions will come into effect as of November 1, 2018.

Generally, the Provisions provide some guidance for Public Security Bureau’s (“PSB”) cybersecurity supervision and inspection of the following two types of entities: internet service providers and networking companies (联网使用单位).

The following entities are specifically listed within the scope of the PSB’s cybersecurity supervision and inspection:

(1) Those that provide internet access, internet data center, content distribution or domain names services;

(2) Those that provide internet information services;

(3) Those that provide public internet services; and

(4) Those that provide other internet services.

The Provisions authorize the PSB to supervise and inspect, in accordance with relevant regulations and standards (such as GB/T 36627-2018 and GB/T 36635-2018), a wide array of issues relevant to the above entities’ compliance with their cybersecurity obligations, for instance whether they have designated any persons that are responsible for cybersecurity matters, whether they have taken effective technical measures against potential publication or transmission of prohibited information and computer virus or cyber-attacks.

According to the Provisions, the cybersecurity supervision and inspection can be carried out in the form of on-site examination or remote testing. To implement the powers authorized by the Provisions, the PSB may:

(1) Enter the premises of the above entities;

(2) Require the management or the persons responsible for cybersecurity issues to explain relevant issues under inspection;

(3) Review and copy information related to the cybersecurity supervision and inspection; and

(4) Examine the operation status of relevant cybersecurity and information security technical measures taken by the above entities.

Once any cybersecurity vulnerabilities are identified by the PSB, the companies would be required to take effective measure to eliminate such cybersecurity risks. If any minor violations or violations without incurring any consequences are detected by the PSB, the companies shall be ordered to take effective corrective measure that is satisfactory to the PSB within the specified time limit. If any other violations are detected by the PSB, penalties may be imposed in accordance with the PRC Cybersecurity Law and/or other relevant laws or regulations.

作者简介

陈志伟 律师

Email:zhiwei.chen@bryancave.com

供职于美国博恩凯悟律师事务所上海办公室。 厦门大学国际法硕士,美国威斯康辛大学法学硕士。 中华全国律师协会会员,并通过纽约州律师资格考试。 陈律师在海关与贸易合规咨询方面经验丰富。为诸多跨国五百强等公司客户就其日常运营过程中的中国海关法律问题提供法律服务,涉及进出口申报、进出口商业模式设计、内部海关风险控制、海关法律审计、归类、估价、原产地、加工贸易、出口管制、跨境电子商务、海关特殊监管区、跨国公司转移定价、特许权使用费、许可证管理、两用物项、监控化学品、食品进口、医疗器械进口、标签合规、旧机电进口、海关稽查、检验检疫等方方面面。 此外,陈律师在走私案件应对海关调查及刑事辩护方面亦有丰富的成功实战经验。在诸多走私案件的海关调查、检察院审查起诉及法院审判阶段中为客户成功进行法律辩护。

话题:



0

推荐

陈志伟

陈志伟

17篇文章 3年前更新

资深贸易与合规专家。Director of International Trade Services, Crowell & Moring International。厦门大学国际法硕士,美国威斯康辛大学法学硕士。中华全国律师协会会员,并具有纽约州律师执业资格。

文章