Shulou(Shulou.com)11/24 Report--

CTOnews.com, Sept. 14, according to the official account of "Netletter China" Wechat, today, the Internet Information Office issued a notice on soliciting opinions on the decision on amending the Cyber Security Law of the people's Republic of China (draft for soliciting opinions).

The circular pointed out that in order to do a good job in the convergence and coordination of the Cyber Security Law of the people's Republic of China with relevant laws, improve the legal liability system, protect the legitimate rights and interests of individuals and organizations in cyberspace, and safeguard national security and public interests, the Internet Information Office, together with relevant departments, drafted the decision on amending the Cyber Security Law of the people's Republic of China (draft for soliciting opinions), which is now open to the public for comments.

CTOnews.com learned that in a note on the decision to amend the Cyber Security Law of the people's Republic of China (draft for soliciting opinions), the State Cyber Security Office said that since its implementation in 2017, the Cyber Security Law of the people's Republic of China has provided a strong legal guarantee for safeguarding cyberspace sovereignty, national security, social and public interests, and protecting the legitimate rights and interests of citizens, legal persons and other organizations. At the same time, in order to adapt to the new situation, the Administrative punishment Law of the people's Republic of China, the data Security Law of the people's Republic of China, and the personal Information Protection Law of the people's Republic of China were successively revised and implemented in 2021. In order to do a good job in the convergence and coordination between the Cyber Security Law of the people's Republic of China and the newly implemented laws, improve the legal liability system, and further ensure network security, the following amendments are proposed to the Cyber Security Law of the people's Republic of China:

The first is to improve the legal liability system that violates the general provisions on the safety of network operation. Combined with the implementation of the current legal system of network operation security, it is proposed to adjust the type and range of administrative penalties for acts that violate the obligations of network operation security protection or lead to consequences such as endangering the security of network operation.

The second is to modify the legal liability system for the security protection of key information infrastructure. Key information infrastructure is the nerve center of economic and social operation. In order to strengthen the security protection responsibility of key information infrastructure, we should further improve the administrative penalties for illegal acts of key information infrastructure operators.

The third is to adjust the legal liability system of network information security. To adapt to the reality of network information security work, we have integrated the legal liability for violations of network information security obligations, adjusted the range of administrative penalties and employment prohibition measures, and added new provisions on legal liability for illegal acts that are not stipulated in laws and administrative regulations.

The fourth is to revise the legal liability system for the protection of personal information. In view of the fact that the Law of the people's Republic of China on the Protection of personal Information stipulates a comprehensive legal liability system for the protection of personal information, it is proposed to change the original legal liability for the protection of personal information into a transferable provision.

The specific contents of the decision on amending the Cyber Security Law of the people's Republic of China (draft for soliciting opinions) are as follows:

1. Articles 59, 60, 61 and 62 are amended as follows: "in violation of Article 21, paragraph 1 and paragraph 2 of Article 22, Article 23, paragraph 1 of Article 24, Article 25, Article 26, Article 28, Article 33, Article 34, Article 36, The obligation to protect the security of network operation stipulated in Article 38 or the consequences of endangering the security of network operation. It shall be ordered by the relevant competent department to make corrections, give warnings and notify criticisms. If he refuses to make corrections or the circumstances are serious, he shall be fined not more than RMB 1 million, and may be ordered to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license, and the person-in-charge and other persons directly responsible shall be fined not less than RMB 10,000 but not more than RMB 100,000.

If the illegal act specified in the preceding paragraph is particularly serious, the relevant competent department at or above the provincial level shall order it to correct and impose a fine of not less than 1 million yuan but not more than 50 million yuan or less than 5% of the turnover of the previous year, and may be ordered to stop the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license. The person-in-charge and other persons directly responsible shall be fined not less than 100,000 yuan but not more than 1 million yuan, and may decide to prohibit them from serving as directors, supervisors, senior managers of relevant enterprises or working in key positions in network security management and network operation within a certain period of time. "

2. Articles 63 and 67 shall be revised as follows: "in violation of the provisions of articles 27 and 46 of this Law, engage in activities that endanger network security, or provide procedures and tools specifically used to engage in activities that endanger network security, or provide technical support, advertising promotion, payment and settlement assistance for others to engage in activities that endanger network security. Or set up a website or communication group for the implementation of illegal and criminal activities, or use the network to publish information related to the implementation of illegal and criminal activities, which does not constitute a crime, the illegal income shall be confiscated by the public security organ and detained for not more than five days, may also be fined not less than 50, 000 yuan and not more than 500000 yuan If the circumstances are relatively serious, the offender shall be detained for not less than five days and not more than fifteen days, and may also be fined not less than 100,000 yuan but not more than 1 million yuan.

If a unit commits any of the acts mentioned in the preceding paragraph, the public security organ shall confiscate the illegal income and impose a fine of not less than 100,000 yuan and not more than 1 million yuan, and the person-in-charge and other persons directly responsible shall be punished in accordance with the provisions of the preceding paragraph.

Persons who are punished by the administration of public security in violation of the provisions of Article 27 of this Law shall not be engaged in key posts in network security management and network operation within five years; persons who have been criminally punished shall not be engaged in key positions in network security management and network operation for life. "

Article 64 shall be revised as follows: "if a network operator or a provider of network products or services violates the provisions of paragraph 3 of Article 22 and articles 41 to 44 of this Law and infringes upon the right of personal information to be protected according to law, punishment shall be imposed in accordance with the provisions of relevant laws and administrative regulations."

Article 65 shall be revised as follows: "where an operator of a critical information infrastructure violates the provisions of Article 35 of this Law and uses network products or services that have not been examined or failed the security review, the relevant competent department shall order it to stop use and impose a fine of not less than one time but not more than ten times the purchase amount or not more than 5% of the turnover of the previous year. The person-in-charge and other persons directly responsible shall be fined not less than 10,000 yuan but not more than 100,000 yuan. "

Article 66 shall be revised as follows: "operators of key information infrastructure who, in violation of the provisions of Article 37 of this Law, store network data abroad or provide network data abroad shall be punished in accordance with the provisions of relevant laws and administrative regulations."

5. Articles 68 and 69 are revised as follows: "violating the obligations of network information security protection stipulated in articles 47, 48 and 49 of this Law, or failing to take measures to stop transmission or eliminate the information prohibited or transmitted by laws or administrative regulations in accordance with the requirements of relevant departments." Or if it fails to take measures against the greater security risks of the network and the occurrence of security incidents in accordance with the requirements of the relevant departments, the relevant competent departments shall order them to make corrections, give warnings, circulate criticisms, and confiscate the illegal gains. If he refuses to make corrections or the circumstances are serious, he shall be fined not more than RMB 1 million, and may be ordered to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license, and the person-in-charge and other persons directly responsible shall be fined not less than RMB 10,000 but not more than RMB 100,000.

If the circumstances are particularly serious, the relevant competent department at or above the provincial level shall order it to correct, confiscate the illegal income, and impose a fine of not less than 1 million yuan but not more than 50 million yuan or less than 5% of the turnover of the previous year, and may be ordered to suspend relevant business, suspend business for rectification, close down the website, revoke the relevant business license or revoke the business license. The person-in-charge and other persons directly responsible shall be fined not less than 100,000 yuan but not more than 1 million yuan, and may decide to prohibit them from serving as directors, supervisors, senior managers of relevant enterprises or working in key positions in network security management and network operation within a certain period of time. "

Article 70 shall be revised as follows: "whoever publishes or transmits information prohibited by the second paragraph of Article 12 of this Law and other laws and administrative regulations shall be punished in accordance with the provisions of relevant laws and administrative regulations.

Where there are no provisions in laws or administrative regulations, the relevant competent departments shall order them to make corrections, give warnings and circulars of criticism, and confiscate their illegal gains. If he refuses to make corrections or the circumstances are serious, he shall be fined not more than RMB 1 million, and may be ordered to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license, and the person-in-charge and other persons directly responsible shall be fined not less than RMB 10,000 but not more than RMB 100,000.

If the circumstances are particularly serious, the relevant competent department at or above the provincial level shall order it to correct, confiscate the illegal income, and impose a fine of not less than 1 million yuan but not more than 50 million yuan or less than 5% of the turnover of the previous year, and may be ordered to suspend relevant business, suspend business for rectification, close down the website, revoke the relevant business license or revoke the business license. The person-in-charge and other persons directly responsible shall be fined not less than 100,000 yuan but not more than 1 million yuan, and may decide to prohibit them from serving as directors, supervisors, senior managers of relevant enterprises or working in key positions in network security management and network operation within a certain period of time. "

In addition, the serial number of the provision has been adjusted accordingly.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.