The Network Security Administration of the Ministry of Industry and Information Technology (MIIT) recently interviewed the party responsible for the Sina Weblog App regarding a data breach caused by malicious use of the user query interface. Sina Weblog replied that it has upgraded its interface security strategy and will perform its data protection obligations according to MIIT's instructions.
The National Information Security Standardisation Technical Committee recently released the Network Security Standard Practice Guidelines – Guidelines for Personal Information Security Protection by Apps for public consultation. Based on the statistics released by certain assessment tools and the typical issues which have come to light due to the COVID-19 pandemic, the guidelines summarise 10 activities which app operators should avoid.
China's merger review practice has not been negatively affected by the COVID-19 outbreak. According to public statistics, in the first quarter of 2020 the State Administration for Market Regulation (SAMR) completed 111 filing reviews, with a slight year-on-year growth of 0.9%. The current economic downturn raises the question of whether the SAMR will relax its antitrust scrutiny to encourage M&A activity. However, recent merger review practice in China suggests that this has not been the case in the semiconductor sector.
In early 2020, the Luckin Coffee scandal drew attention from the insurance, legal and security industries and turned the spotlight on directors' and officers' (D&O) liability insurance policies in China. With the developing pace of the security and insurance markets, the refreshed focus on D&O insurance gives Chinese underwriters plenty to contemplate.
In order to protect personal information during the prevention and control phases of the COVID-19 pandemic, the Office of the Central Cyberspace Affairs Commission issued the Circular on Ensuring Effective Personal Information Protection and Utilisation of Big Data to Support Joint Efforts for Epidemic Prevention and Control. This article examines the circular's main requirements.
The National Financial Standardisation Technical Commission recently issued the Personal Financial Information Protection Technical Specification to regulate the secure management of personal financial information. Based on the damaging effects of unauthorised access to or the modification of such information, institutions without the corresponding financial qualification are not authorised to collect certain types of personal financial information.
The year 2019 marked the 11th anniversary of the implementation of the Anti-monopoly Law and was also the first full calendar year since the State Administration for Market Regulation (SAMR) became China's single centralised antitrust enforcement agency. Evidently. the SAMR has become more stringent and detail oriented with respect to the analysis of relevant markets and the competition impact of mergers.
The Ministry of Industry and Information Technology recently released the Guidelines on Classification and Grading of Industrial Data (On Trial) to guide industry and IT administrations, industrial enterprises and industrial internet platform enterprises in carrying out the classification and grading of industrial data. According to the guidelines, 'industrial data' refers to data generated and applied throughout the lifecycle of products and services in the industrial sector.
The State Administration for Market Regulation and the Standardisation Administration recently released a national standard circular to announce that the Information Security Technology – Personal Information Security Specification (Specification 2020) and seven additional national standards have been issued and will take effect on 1 October 2020. Specification 2020 was revised based on the Information Security Technology – Personal Information Security Specification which came into effect in 2018.
The novel coronavirus pneumonia has been classified as a Class B infectious disease under the Law on the Prevention and Treatment of Infectious Diseases and preventive and control measures for Class A infectious diseases have been taken. To cooperate with the state epidemic control measures and protect employees' health, employers must provide outbreak-related information on their employees, resulting in some special legal issues regarding personal information protection.
The State Administration for Market Regulation (SAMR) recently published the Draft Amendment to the Anti-monopoly Law (AML) for public comment. The draft amendment demonstrates the SAMR's strong stance on monopoly behaviour and is based on 12 years of antitrust enforcement. It conveys to the public that the Chinese authorities will strengthen enforcement relating to monopoly conduct. This article provides a summary of the draft amendment's main changes and the practical implications thereof.
The State Administration for Market Regulation recently released a revised draft of the Anti-monopoly Law (AML) for public comment. In general, the revised draft follows the current AML's basic framework; however, it significantly enhances the legal liability of AML violators. This article highlights key changes proposed by the revised draft and discusses why these changes matter for business entities from a practical point of view.
The Beijing Communications Administration recently organised a two-month examination of the network and data security of apps to target the illegal, compulsory and excessive collection of user information. The examination selected 50 apps with a certain influence and number of users, covering social media, online rental and automotive services, online education, finance, online medical care, basic telecoms enterprises and six other areas.
The Cyberspace Administration of China recently published the Administration Measures for Releasing Cybersecurity Threat Information (Draft for Comments) to solicit public opinions. According to the draft measures, the publication of cybersecurity threat information must be reported to regulators in a number of specific circumstances.
China's antitrust enforcement agencies were reorganised in 2018. As such, new legislation and enforcement actions in 2019 attracted significant attention from practitioners and in-house counsel, with a view to gaining an insight into the new agency's enforcement trends and priorities (if any). This article underlines the most significant developments in legislation, public enforcement and private litigation in 2019.
In terms of premium revenue, China is the second largest insurance market in the world. However, regulators and insurers are often frustrated due to a lack of insurance innovation. In response to such frustration, litigation property preservation liability insurance has emerged and become a typical insurance solution to satisfy market demand and address unique Chinese insurance requirements in order to align them with the country's judicial system.
The Ministry of Education recently published the Administrative Measures for the Filing of Educational Apps. The administrative measures require providers of educational apps and institutional users of educational apps to go through filing procedures and indicate that the ministry is tightening controls on educational apps in China.
Insurance subrogation is an important legal mechanism which enables insurers to reduce their losses after insurance indemnities are paid. However, opinions differ as to the application of reinsurers' right of subrogation. This article answers questions which frequently arise in this regard from a Chinese perspective.
The Administrative Provisions on Online Audiovisual Information Services, which were jointly issued by the Cyberspace Administration of China and two other departments in November 2019, recently came into effect. The provisions set out requirements for the creation, distribution and transmission of audio videos based on new technologies and applications such as deep learning and virtual reality.
The Shanghai Cyberspace Administration recently released the 2019 Network Security Incident Contingency Plan. According to the contingency plan, network security incidents in Shanghai are classified as Grade I, Grade II, Grade III and Grade IV. If a network security incident occurs, the relevant entity must report it to the competent authority verbally within half an hour and in writing within one hour.