Tech, Data, Telecoms & Media, AnJie Law Firm updates
China
Contributed by AnJie Law FirmProposal to tighten controls on import and export of commercial cryptography products
- China
- 29 January 2021
In August 2020 the State Cryptography Administration released the Regulations for the Administration of Commercial Cryptography (Draft for Comment). The draft regulations provide that the import of commercial cryptography products on the Commercial Encryption Import Licence List and the export of commercial cryptography products on the Commercial Encryption Export Control List should be subject to the import and export licence for dual-use items issued by the State Council.
Ministry of Commerce to launch pilot programme on cross-border data transfer security management
- China
- 22 January 2021
In August 2020 the Ministry of Commerce issued the Master Plan for Comprehensively Deepening the Pilot Programme on the Innovative Development of Trade in Services. The plan covers 28 provinces and municipalities directly under the central government, including Beijing, Tianjin and Shanghai. The pilot programme, which concerns cross-border data transfer security management, will run for three years.
Draft Guidelines on the Construction of a Data Security Standards System in the Telecoms and Internet Industries
- China
- 15 January 2021
In 2020 the Ministry of Industry and Information Technology issued the Guidelines on the Construction of a Data Security Standards System in the Telecoms and Internet Industries for public comment. According to the draft guidelines, the data security standards system for telecoms and internet industries comprises four categories: basic and general standards, critical technology standards, security management standards and critical field standards.
Method for evaluating security protection capabilities of critical information infrastructure
- China
- 08 January 2021
In August 2020 the National Information Security Standardisation Technical Committee issued the Information Security Technology – Method for Evaluating the Security Protection Capabilities of Critical Information Infrastructure (Draft for Comment) for public comment. According to the draft method, the evaluation of the security protection capabilities of critical information infrastructure will focus on capability domain level, graded protection and cryptography.
Consultation on proposed method of boundary identification for critical information infrastructure
- China
- 18 December 2020
In August 2020 the National Information Security Standardisation Technical Committee released the Information Security Technology – Method of Boundary Identification for Critical Information Infrastructure (Draft for Comment) for public opinion. The draft provides six factors that should be considered when identifying the boundaries of critical information infrastructure: critical business, network facilities, information systems, critical business information, critical business information flows and basic operation environments.
