The Cyberspace Administration of China has issued draft amendments to the Cybersecurity Law aimed at better aligning it with the Personal Information Protection Law, Data Security Law, and Law of Administrative Penalties. These amendments enhance the legal liabilities associated with network operation security by addressing significant incidents of data breaches and the functionality of critical information infrastructure. The range of potential fines has been expanded, and specific penalties are outlined for CII operators failing to adhere to security requirements regarding network products and services.
On March 28, 2025, the Cyberspace Administration of China issued draft amendments to China's Cybersecurity Law for public comment until April 27, 2025.
The Draft Amendment aims to harmonize relevant provisions of the Personal Information Protection Law, Data Security Law, and Law of Administrative Penalties.
Legal liability for network operation security is classified, increasing the range of fines for serious violations and clarifying penalties for non-compliant CII operators.
The Draft Amendment also addresses the sale of critical network equipment and cybersecurity products that do not meet necessary security certification.
Collection
[
|
...
]