Cybersecurity Law

Subscribe to Cybersecurity Law

By Susan NING, WU Han King & Wood Mallesons’ Commercial & Regulatory group.

2017 has witnessed a quickened pace of legislative development on personal information protection worldwide. A variety of countries in the Asia-Pacific region introduced or amended their legislation on personal information protection. Such as in China the Cybersecurity Law of the People’s Republic of China (the “Cybersecurity Law”) was implemented on June 1, 2017, the Mandatory Data Breach Notification was approved in February, 2017 in Australia, and the revised Personal Information Protection Act took effective on May 30, 2017 in Japan.
Continue Reading Analysis of the Personal Information Security Specification from a Practical Perspective

By Cecilia (Xianying) Lou, Mark (Guangrui) Fu King & Wood Mallesons’ Corporate & Securities group.

lou_ceciliaThis article was first published in the June 2017 edition of CSj, the journal of the Hong Kong Institute of Chartered Secretaries and published by Ninehills Media Ltd. It aims to give an introduction to China’s Cybersecurity Law which becomes effective this month, and assess the implications of the law for companies with a business presence in both Mainland China and Hong Kong.
Continue Reading A Brief Introduction to China’s Cybersecurity Law

By Susan Ning, Wu Han, Zhao Yangdi, Chen Linlin King & Wood Mallesons’ Commercial & Regulatory group

untitledThe Cyberspace Administration of China (“CAC”) announced on 2 May 2017 the Measures for Security Review of Network Products and Services (Tentative) (the “Review Measures”), which will be formally implemented from 1 June 2017. The 16 articles of the Review Measures set up an institutional framework for the security review of network products and services. This is an integral part of the whole cybersecurity regime established by the Cybersecurity Law of the People’s Republic of China (the “Cybersecurity Law”). The Review Measures represents a further step and makes improvements to the CAC’s Measures for Security Review of Network Products and Services (Draft Review Measures) (the “Draft Review Measures”) which was released on 4 February 2017. This article will canvas the main provisions of the security review system for network products and services, the highlights of the Review Measures and the issues to be addressed, to provide guidance to companies in terms of cybersecurity compliance.
Continue Reading Building an Institutional Framework for Cyber Security Review — Understanding the Measures for Security Review of Network Products and Services (Tentative)

By Susan Ning, Wu Han, Yang Nan King & Wood Mallesons’ Commercial & Regulatory group.

ning_susanThe Provisions on the Management of Internet News Services[1] (the “Provisions”) were released by the Cyberspace Administration of China (“CAC”) on 2 May 2017. Issued jointly by the State Council Information Office (“SCIO”) and the Ministry of Information Industry, the Provisions replace the previous provisions from 2005 (the “2005 Provisions”). They establish a brand-new regulatory framework and approach in response to the development of the Internet over the last decade, responding to the growth of self-media and diversified means of communication. The Provisions are expected to open up a new era of Internet news regulation in China.
Continue Reading Ushering in a New Era of Internet News Regulation

By Susan Ning, Wu Han, Chen Shengnan, Li Huihui King & Wood Mallesons’ Commercial & Regulatory group.

ning_susanOn May 2, 2017, the Cyberspace Administration of China (“CAC”) successively published on its official website the Measures for Security Review of Network Products and Services (Tentative) (the “Review Measures”), the Provisions on the Administration of Internet News Information Services (the “Administrative Provisions”) and the Procedural Regulations for Administrative Law Enforcement Concerning Internet Information Content Management (the “Procedural Regulations”). Following our earlier writings about the Review Measures and the Administrative Provisions, this article focuses on the main features and content of the Procedural Regulations. 
Continue Reading Strong Basis for Regulatory Enforcement

By Susan Ning, WU Han, YANG Nan and LI Huihui  King & Wood Mallesons’ Commercial & Regulatory groupning_susanBackgroundThe Cybersecurity Law of the People’s Republic of China (the “Cybersecurity Law”), adopted by the Standing Committee of the National People’s Congress on November 7th, 2016, will take effect on June 1st, 2017. In order to ensure its implementation, the Cybersecurity Law set targets for construction of key areas of the system and for authorities to formulate specific implementation measures.
Continue Reading Does Your Data Need “a Visa” to Travel Abroad?