On July 6, 2015, China’s National People’s Congress (NPC) released a draft of the Network Security Law (“Draft Law,” referred to in some press articles as the draft Cybersecurity Law) for public comment. Comments can be submitted through the NPC website or by mail before August 5, 2015. The release of the Draft Law follows closely on the heels of the new National Security Law that was enacted last week (see Covington blog post here).
This Draft Law, initially reviewed by the NPC in June, would apply broadly to entities or individuals that construct, operate, maintain, and use networks within the territory of China, as well as those who are responsible for supervising and managing network security. A number of the provisions in this Draft Law, if enacted in their current form, are likely to significantly impact information and communications technology (“ICT”) and other companies with business operations or interests in China.
Those that most merit the close attention of companies are those that relate to (1) the “secure” operations of networks and “critical information infrastructure,” and (2) data protection. This post focuses on the latter.
Continue Reading China Releases Draft of New Network Security Law: Implications for Data Privacy & Security