China Laws Portal - CJO

Find China's laws and official public documents in English

EnglishArabicChinese (Simplified)DutchFrenchGermanHindiItalianJapaneseKoreanPortugueseRussianSpanishSwedishHebrewIndonesianVietnameseThaiTurkishMalay

Security Protection Regulations on Critical Information Infrastructure(2021)

关键信息基础设施安全保护条例

Type of laws Administrative regulation

Issuing body China's State Council

Promulgating date Aug 17, 2021

Effective date Sep 01, 2021

Validity status Valid

Scope of application Nationwide

Topic(s) Cybersecurity/Computer security Public Administration

Editor(s) Huang Yanling 黄燕玲

Regulations on Security Protection of Critical Information Infrastructure were promulgated on 30 July 2021, and entered into force on 1 Sept. 2021.

There are 51 articles in total. The Regulations aim to safeguard the security of critical information infrastructure and maintain cybersecurity.

The key points are as follows:

  1. Under the overall coordination of the national cyberspace administration (Cyberspace Administration of China), the public security authority under the State Council (Ministry of Public Security) is responsible for guiding and supervising the security protection of critical information infrastructure. The competent telecommunications authority under the State Council (Ministry of Industry and Information Technology) and other relevant authorities shall be responsible for the security protection, supervision and administration of critical information infrastructure within the scope of their respective functions and duties in accordance with the Regulations, relevant laws and administrative regulations.

  2. The State grants enhanced protection to the critical information infrastructure, and takes measures to monitor, prevent and deal with cybersecurity risks and threats originating inside and outside the territory of the People’s Republic of China, protects the critical information infrastructure from attacks, intrusions, interference and damage, and punishes illegal and criminal activities endangering the security of the critical information infrastructure in accordance with law.

  3. Operators shall give priority to the purchase of secure and reliable network products and services. If the purchase of network products and services may affect national security, it shall pass the security review in accordance with the provisions on national cybersecurity. When purchasing network products and services, operators shall sign a security confidentiality agreement with the network product and service providers in accordance with the relevant provisions of the State, clarify the obligations and responsibilities of the providers in technical support and security confidentiality, and supervise the performance of the obligations and responsibilities.

For the full text in Chinese, please click the “Chn” at the top right. You can translate it with tools or in other ways as you please.
If you would like to read the full text in English provided by our team, please click Get to buy.

© 2020 Guodong Du and Meng Yu. All rights reserved. Republication or redistribution of the content, including by framing or similar means, is prohibited without the prior written consent of Guodong Du and Meng Yu.