By Susan Ning, Wu Han, Chen Shengnan, Li Huihui King & Wood Mallesons’ Commercial & Regulatory group.

ning_susanOn May 2, 2017, the Cyberspace Administration of China (“CAC”) successively published on its official website the Measures for Security Review of Network Products and Services (Tentative) (the “Review Measures”), the Provisions on the Administration of Internet News Information Services (the “Administrative Provisions”) and the Procedural Regulations for Administrative Law Enforcement Concerning Internet Information Content Management (the “Procedural Regulations”). Following our earlier writings about the Review Measures and the Administrative Provisions, this article focuses on the main features and content of the Procedural Regulations. 

While the Administrative Provisions were more like an amendment of those in 2005, the Procedural Regulations are indeed the first departmental regulations on procedural issues within the framework of theCybersecurity Law. While the Review Measures establish a framework, the Procedural Regulations set out “unified, comprehensive, specific and updated” rules in accordance with the fundamental principles of theAdministrative Penalty Law. They provide a strong legal basis for the future supervision of the management of internet information content and the enforcement of that supervision.

Unified and coordinated law enforcement

The Procedural Regulations not only provide guiding rules for administrative enforcement procedures concerning internet information content management, but also introduce a new era of “unified and coordinated law enforcement”.

Previously, internet information content was regulated by multiple authorities. Article 18 of the Administrative Measures for Internet Information Services (Revised in 2011) stated that “such competent authorities as the authorities in charge of the press, publishing, education, public health, supervision and administration of pharmaceuticals, administration for industry and commerce, public security and national security shall supervise and administer the content of internet information within their respective scopes of duties in accordance with the law”[1]. Therefore management of internet information content was done in different sectors. Other rules for the management of internet information content were contained in the Measures for the Administration of the Communication of Audio-Visual Programs through the Internet or Other Information Network, the Administrative Provisions on Internet Audio-Visual Program Services and the Interim Provisions on the Administration of Internet Culture, giving responsibilities to certain authorities within their specific fields.

In 2014, the State Council issued a Notice of Authorizing the State Internet Information Office to Manage Internet Information Content (the “Notice”) authorizing CAC to manage internet information content nationwide, including supervision, management and law enforcement. That move facilitated unified administrative control of internet information content, and is in conformity with the strategic role of CAC to arrange and coordinate major cybersecurity and IT application issues in various sectors at the national level, in order to enhance the top-level structure of internet related legislation and its enforcement in China. The Procedural Regulations, based on the Notice, may indicate that CAC is officially empowered to coordinate the management of internet information content. Article 29 of the Procedural Regulations states that “in the event of any inconsistency between these Procedural Regulations and any other regulation issued before the effectiveness hereof, these Procedural Regulations shall apply”. This may be construed as giving the CAC power to carry out a unified and coordinated enforcement of the law.

However, Articles 6, 21 and 28 of the Procedural Regulations also require internet information service providers to comply with regulatory requirements for telecommunication, internet audio-visual programs, internet publication and other sectors. Thus, whether the Procedural Regulations prevail over existing administrative laws and departmental regulations concerning internet information content will need clarification.

Comprehensive and specific provisions

As the first set of regulations on enforcement procedures under the Cybersecurity Law, the Procedural Regulations borrows structures used in other laws. They are more comprehensive and detailed than previous “framework-only” cybersecurity enforcement procedures.

The General Provisions in the first chapter of the Procedural Regulations clearly describe the fundamental principles. The following six chapters set out specific and detailed rules covering “jurisdiction”, “filing”, “investigation and evidence collection”, “hearing and interview”, “penalty decision and service”, “enforcement and closure” and other processes.

The Procedural Regulations, which reflect the fundamental principles of administrative enforcement, further clarify the regime for administrative supervision and inspection and the qualification of enforcement officials.[2]The regime involves external supervision and inspection of enforcement agencies by higher-level authorities; and quality improvement through internal building of the standard of enforcement officials, through training, examination, (evaluation) and certification requirements for relevant staff positions.

As for the detailed regulations on processes, the Procedural Regulations mirror standard administrative enforcement procedures and establish a set of tailored procedures for internet information content management, covering all aspects. To provide effective guidance for officials and the public the Procedural Regulations offer great specificity such as the treatment of rejected filings under different circumstances, and special rules for investigation and evidence collection depending on the different forms of evidence.

Both internal and external regulations and transparent enforcement

Because the Procedural Regulations are comprehensive and detailed they make the enforcement procedures and forms highly transparent for enforcement officers and parties in administrative proceedings.

The rights and obligations of both the cyberspace administrations and parties to administrative proceedings are defined so as to help relevant parties better exercise rights and perform obligations. In relation to hearings, for example, , before making decisions on specific categories of penalties, enforcement agencies must “make relevant parties aware of their right to a hearing”, and  parties “shall respond within three days after being informed of such right…otherwise, such right will be deemed waived ”.[3] On the other hand, the Procedural Regulations also disclose the internal procedures to be observed by enforcement agencies, which helps protect the legitimate rights of relevant parties. For example, Chapter III specifies the process which enforcement agencies will follow to initiate an investigation and take further actions as well as laying out their internal processes.

It is also worth mentioning that, CAC also publishes legal forms that may be used by lower-level enforcement agencies.[4] The CAC measures significantly improve enforcement transparency and the feasibility of supervision, better harmonize enforcement at different levels and in different regions, and help to establish the authority and public credibility of cyberspace administrations as controllers of internet information content.

An updated and scientific enforcement approach

The Procedural Regulations also introduce advanced concepts and approaches in investigation and evidence collection, such as electronic evidence, cyber patrol, remote evidence collection, and the like.

Article 20 specifically defines “electronic evidence”[5]. Compared with Article 116 of the Interpretation of the Supreme People’s Court on the Application of the Civil Procedure Law of the People’s Republic of China, it is a more tailored definition for administering internet information content. Besides, the Procedural Regulations makes a non-exhaustive list of the types of electronic data, which further facilitates identification of electronic data during administrative control.

Moreover, “cyber patrol” in Article 21 and “remote evidence collection” in Article 29 are both advanced approaches to cyber law enforcement. The Guidance on Law Enforcement in the Internet Culture Market (Tentative) issued by the Ministry of Culture in 2012 includes chapters citing “cyber patrol”, “remote evidence collection” and “analysis and identification of electronic data”. [6]Though it is not clear whether cyberspace administrations will cite or refer to these provisions in the guidance concerning cyber patrol and remote evidence collection in practice, the adoption of cutting edge terms shows that the Procedural Regulations is “updated and scientific”.

Below are set out more details of the Procedural Regulations.


The Procedural Regulations has a main body and appendices. The General Provisions in the body determine the enforcement entities, i.e. CAC and local cyberspace administrations. As “the administrative authorities for internet information content”, they are responsible for imposing administrative penalties for “acts in violation of laws and regulations on the management of internet information content”. The General Provisions also set out the principles by which cyberspace administrations will operate. They include openness, equity and justice. The General Provisions establish a supervisory system for administrative law enforcement, and systems for training, examination, qualification and licensing of law enforcement officers. The body also provides for detailed law enforcement procedures to be followed by cyberspace administrations, specifying procedural requirements covering jurisdiction, filing, investigation and evidence collection, hearing, interview, decision making and judicial enforcement. The appendices contain common legal forms for law enforcement, to unify the standards of cyberspace administrations in law enforcement.


The Procedural Regulations explicitly determine the jurisdiction for violations of internet information content, including territory, level, transfer of jurisdiction, and designation of jurisdiction:

Strong Basis for Regulatory Enforcement

In addition to these rules for jurisdiction within the system of cyberspace administrations, Article 12  also provides rules on inter-departmental transfer of cases, that is, where the cyberspace administration discovers that a case is under the jurisdiction of another administrative authority, then the case should be transferred to the competent authority in accordance with law; where the cyberspace administration discovers that the illegal act may constitute a crime, then the case should be  transferred in a timely fashion to  judicial authority.

Law enforcement procedures

The Procedural Regulations require cyberspace administrations to follow detailed law enforcement procedures cyberspace administrations for filing, investigation and evidence collection, hearing, interviewing, penalty imposition, service, enforcement and closure:

Strong Basis for Regulatory Enforcement


As the first set of departmental regulations on procedural issues under the Cybersecurity Law, the Procedural Regulations cover both basic principles and detailed provisions for specific law enforcement procedures. This is of great significance to the operation of cyberspace administrational law enforcement. These detailed provisions on every procedure for law enforcement from filing to case closure will help enterprises understand how to cope with administrative law enforcement and the extent of their rights. In addition, the appendices include legal forms that may be used for enforcement, which will contribute to transparency and consistency of enforcement.

It should be noted that the Procedural Regulations, is an explicit instruction that internet information content will be managed in a complete and detailed manner. Therefore enterprises should pay close attention to the rules to be followed by the CAC in performing their enforcement duties to ensure their compliance efforts are in line with the law. To protect their legitimate rights and interests to the maximum extent enterprises must actively cooperate with the administration of internet content.

[1]See Article 18 of the Administrative Measures for Internet Information Services.

[2]See Articles 4 and 5 of the Procedural Regulations.

[3]See Article 33 of the Procedural Regulations.

[4]See Article 48 of the Procedural Regulations and related appendices.

[5]See Article 20(2) of the Procedural Regulations: “Electronic data refers to data formed during the course of the case, which is stored, processed, or transmitted in digital form, and can prove case facts, including but not limited to webpages, blogs, microblogs, instant messaging tools, forums, post sites, network drives, emails, backhaul networks, and other means of storing electronic information or documents. Electronic data is mainly stored on electronic equipment and storage media such as computers, mobile communication devices, internet servers,  removable storage devices, cloud storage system, etc.”

[6]See Chapters III, IV and VI of the Guidance on Law Enforcement in Internet Culture Market (Tentative).