China Justice Observer

中司观察

EnglishArabicChinese (Simplified)DutchFrenchGermanHindiItalianJapaneseKoreanPortugueseRussianSpanishSwedishHebrewIndonesianVietnameseThaiTurkishMalay

China Issues Security Protection Regulations on Critical Information Infrastructure

Wed, 15 Sep 2021
Categories: China Legal Trends
Contributors: CJO Staff Contributors Team
Editor: Huang Yanling 黄燕玲
Save as PDF

On 17 Aug. 2021, the State Council promulgated the “Security Protection Regulations on Critical Information Infrastructure (hereinafter “the Regulations”,关键信息基础设施安全保护条例), which entered into force on 1 Sept. 2021.

There are 51 articles in six chapters. The Regulations provides for the identification of critical information infrastructure, the responsibilities and obligations of the critical information infrastructure operators, the guarantee and promotion of the critical information infrastructure, and the relevant legal liabilities.

Critical information infrastructure in the Regulations refers to the important network facilities and information systems in important industries and fields such as public communication and information services, energy, transportation, water conservancy, finance, public services, e-government services, and science and technology industry of national defense, as well as other important network facilities and information systems that may seriously endanger national security, national economy, people's livelihoods or public interests in the event of damage, malfunction or data leakage.

Pursuant to the Regulations, an operator shall establish and improve the cybersecurity protection and accountability system, and ensure the input of human, financial and material resources. The operator’s person chiefly in charge shall take overall responsibility for the security protection of critical information infrastructure, lead the security protection of critical information infrastructure and the disposal of major cybersecurity events, and organize the study on the resolution of major cybersecurity issues. Besides, an operator shall conduct cybersecurity detection and risk assessment on the critical information infrastructure by itself or an entrusted cybersecurity service provider at least once a year, promptly rectify security problems discovered, and report relevant information as required by the protection authorities. An operator who violates the Regulations may be ordered to make corrections, given a warning, imposed a fine or other administrative penalties, or may even be prosecuted for criminal liability if the act constitutes a crime.

 

 

Cover Photo by Stephen Tafra (https://unsplash.com/@stafra) on Unsplash

Contributors: CJO Staff Contributors Team

Save as PDF

China Legal Trends

Related laws on China Laws Portal

Security Protection Regulations on Critical Information Infrastructure(2021)

You might also like

China Eases Tax Refunds to Boost Inbound Tourist Spending

In 2025, China has lowered its departure tax refund threshold from 500 RMB to 200 RMB and doubled cash refund limits to 20,000 RMB while expanding eligible stores and streamlining processes, aiming to boost inbound tourism spending and promote Chinese products.

Chinese Courts Bolster Pregnant Workers' Rights Protection

In April 2025, China's Ministry of Human Resources and Supreme People's Court released typical labor dispute cases emphasizing stronger protection of pregnant employees' rights, including a case where unlawful job reassignment and salary reduction were ruled illegal.

China Revises Marriage Registration Regulation

China's revised marriage registration rules, effective May 2025, eliminate location restrictions, simplify procedures by removing hukou requirements, and align divorce processes with the Civil Code's cooling-off period.

China’s SPC Issues Foreign State Immunity Case Guidelines

In March 2025, China's Supreme People's Court (SPC) issued procedural guidelines for handling civil cases involving foreign state immunity, implementing the country's shift from absolute to restrictive immunity under the new Foreign State Immunity Law.

SPC Issues Prepaid Consumption Rules & Typical Cases

In March 2025, China’s Supreme People’s Court (SPC) issued a judicial interpretation and six guiding cases to tackle prepaid consumption disputes, invalidating unfair terms, protecting consumer refunds, and penalizing merchants who abscond with prepayments.

SPP Releases Guiding Cases on Civil Adjudication Supervision

In March 2025, China’s Supreme People’s Procuratorate (SPP) released new guiding cases to strengthen supervision over civil judgments, ensuring fairness and correcting errors in court rulings, covering disputes like private loans and traffic accidents.

First Tort Suit Under China’s Anti-Foreign Sanctions Law

In March 2025, China’s Supreme People’s Court (SPC) reported the first-ever tort suit under the Anti-Foreign Sanctions Law, enabling a Chinese firm to recover over CNY 84 million after a European partner withheld payment invoking a third country’s sanctions.

ABLI-HCCH webinar: Cross-Border Commercial Dispute Resolution – Electronic Service of Documents and Remote Taking of Evidence (July 10, 2025)

The Asian Business Law Institute (ABLI) and the Hague Conference on Private International Law (HCCH) will host their fourth joint webinar on July 10, 2024 (5:00–6:10 PM SGT), focusing on electronic service of documents and remote taking of evidence under the Service and Evidence Conventions, featuring expert speakers, with an early bird discount available until June 10.