China Justice Observer


EnglishArabicChinese (Simplified)DutchFrenchGermanHindiItalianJapaneseKoreanPortugueseRussianSpanishSwedishHebrewIndonesianVietnameseThaiTurkishMalay

China to Revise Cybersecurity Law to Strengthen Liabilities for Information Security

Mon, 24 Oct 2022
Categories: China Legal Trends

On 14 Sept. 2022, the Cyberspace Administration of China released the “Decision to Amend the Cybersecurity Law of the People’s Republic of China (Draft for Public Comment)” (关于修改〈中华人民共和国网络安全法〉的决定(征求意见稿)).

China’s Cybersecurity Law came into effect in 2017. Thereafter, in 2021, China amended the Administrative Penalty Law, and enacted the Data Security Law and the Personal Information Protection Law successively. The amendments to the Cybersecurity Law seek to improve consistency between these new laws.

The Draft for Comment mainly makes the following revisions to the current Cybersecurity Law with respect to the legal liability system.

  1. The headline fine on enterprises is significantly raised from CNY 50,000 (USD 7,026) to CNY 100,000 (USD 14,052), to CNY 50 million (USD 7 million) or 5% of the previous year’s turnover.
  2. The scope of violations for which critical information infrastructure operators are liable is more clearly defined, including “use of non-compliant products” and “improper data export”.
  3. Persons who are personally liable for cybersecurity will be banned from acting as directors, supervisors, and senior managers of related enterprises or from engaging in cybersecurity management and key positions of network operation for a certain period of time.



Cover Photo by Liam Li on Unsplash



Contributors: CJO Staff Contributors Team

Save as PDF

Related laws on China Laws Portal

You might also like