Release Date: 01-08-2011
Source: Baidu
Chinese Title: 计算机信息网络国际联网安全保护管理办法(2011修订)
Chapter I General Provisions
Article 1 These Measures are formulated in accordance with the Regulations of the People’s Republic of China on the Security Protection of Computer Information System, the Provisional Administrative Regulations of the People’s Republic of China on International Connections to Computer Information Networks and other laws and administrative regulations in order to strengthen security protection for international connections to computer information networks and to safeguard public order and social stability.
Article 2 These Measures will apply to security protection administration of international connections to computer information networks within the People’s Republic of China.
Article 3 The computer administrative supervisory organizations of the Ministry of Public Security will be responsible for the security protection administrative work involving international connections to computer information networks.
The computer administrative supervisory organizations of public security organs must protect the public security of international connections to computer information networks and safeguard the legal rights and interests of entities and individuals involved in international connection work and the public interests.
Article 4 No entity or individual will be permitted to make use of international connections to harm national security, disclose State secrets, infringe on the national, social or collective interests or the legal rights and interests of citizens, or engage in other illegal or criminal activities.
Article 5 No entity or individual will be permitted to make use of international connections to produce, reproduce, consult or transmit any of the following content:
Article 6 No entity or individual will be permitted to endanger the security of a computer information network by engaging in any of the following activities:
Article 7 The freedom and privacy of network users are protected by law. No entity or individual may, in violation of the provisions of the law, use the Internet to infringe on the freedom and privacy of network users.
Chapter II Security Protection Liability
Article 8 All entities and individuals which engage in international connection work must accept supervision, inspection and guidance of the public security organs. They must provide the public security organs with information, materials and digital files on security protection matters in strict accordance with the facts and help the public security organs to investigate any illegal and criminal acts which are conducted through international connections to computer information networks.
Article 9 The departments or entities in charge of international gateway channel providers and inter-connected organizations will be responsible for security protection administrative work in respect of these international gateway channels and inter-connected networks in accordance with the laws and relevant State regulations.
Article 10 Inter-connected organizations and node network organizations, as well as legal persons and other organizations which use international connections to computer information networks, must perform the following security protection duties:
Article 11 When a user carries out network entry procedures with a node network organization, it must fill out a registration form. The format of the registration form will be determined by the Ministry of Public Security.
Article 12 Inter-connected organizations, node network organizations, legal persons and other organizations which use international connections to computer information networks (including entities with connections that cross provinces, autonomous regions or centrally- administered municipalities and their branch organizations) must go through the procedure for registration with the relevant authorities designated by the public security organs of the local people’s governments of the relevant provinces, autonomous regions or centrally-administered municipality within thirty (30) days of the official connection of the network.
The entities mentioned in the previous paragraph have the responsibility to report for the record to the local public security organ the information on the entities and individuals which have connections to the network. They must also promptly report any change in the information about entities or individuals using the network.
Article 13 People who register public accounts shall strengthen the management of the accounts, and establish an account registration system. Accounts may not be lent or transferred.
Article 14 When an entity which is involved in national affairs, economic construction, national defense development, sophisticated science and technology or other important fields goes through the procedure for registration, it must present an approval certificate issued by its administrative department in charge.
Appropriate security protection measures must be adopted in respect of the computer information networks and international connections of the entities mentioned in the previous paragraph.
Chapter III Security Supervision
Article 15 The public security departments (bureaus) of the provinces, autonomous regions and centrally-administered municipalities, and the prefectural and county public security bureaus must establish appropriate organizations to be responsible for security protection administrative work for international connections.
Article 16 The computer administrative supervisory organizations of public security organs must keep abreast of the information on registration of inter-connected organizations, node network organizations and users, establish a filing system for such information, maintain statistical information on these files and submit the information to their next highest level in accordance with relevant State regulations.
Article 17 The computer administrative supervisory organizations of public security organs must urge inter-connected organizations, node network organizations and users to establish a sound and comprehensive security protection administrative system. They must also supervise and inspect network security protection administration and the implementation of technological measures.
When the computer administrative supervisory organization of a public security organ organizes a security inspection, the relevant entities must send personnel to participate. If a computer administrative supervisory organization of a public security organ discovers a problem during a security inspection, it must put forward a proposal to rectify the matter, take detailed records, and file the details of the case for future reference.
Article 18 When the computer administrative supervisory organization of a public security organ discovers an address, table, or server that contains any information as specified in Article 5 of these Measures, it must notify the relevant entity to shut down or delete the address or table.
Article 19 The computer administrative supervisory organization of a public security organ will be responsible for pursuing and investigating illegal acts carried out through computer information networks and criminal cases which target computer information networks. If an illegal or criminal act violates Article 4 or Article 7 of these Measures, the case must be handed over to the relevant department or judicial organ for handling in accordance with relevant State regulations.
Chapter IV Legal Liability
Article 20 If a party, in violation of laws or administrative regulations, commits any of the acts specified in Article 5 or Article 6 of these Measures, the public security organ will issue a warning and confiscate any illegal income, and may also impose a fine of up to 5,000 yuan in the case of an individual, or up to 15,000 yuan in the case of an entity. In serious circumstances, it may also order the party to terminate its network connection for up to six (6) months and suspend its operations to undergo internal rectification. If necessary, the public security organ may also recommend that the original certificate examination, approval and issuing organizations revoke the party’s business permit or cancel its network connection qualifications. If an act constitutes a violation of public security administration, a penalty will be imposed in accordance with the Law on Administrative Penalties for Public Security. If an act constitutes a crime, criminal liability will be pursued in accordance with the law.
Article 21 If a party commits any of the following acts, the public security organ will order the matter to be rectified within a specified period, issue a warning and confiscate any illegal income. If the matter is not rectified within the specified period, it may also impose a fine of up to 5,000 yuan on the person chiefly in charge and other person(s) directly liable, and may also impose a fine of up to 10,000 yuan on the entity. In serious circumstances, it may also order the party to terminate its network connection for up to six (6) months and suspend its operations to undergo internal rectification. If necessary, the public security organ may also recommend that the original certificate examination, approval and issuing organizations revoke the party’s business permit or cancel its network connection qualifications. The acts are as follows:
Article 22 In the case of a violation of Article 4 or Article 7 of these Measures, a penalty will be imposed in accordance with relevant laws and regulations.
Article 23 If a party violates Article 11 or Article 12 of these Measures by failing to perform its duties for registration, the public security organ will issue a warning or will order the party to suspend operations for a period of up to six (6) months to undergo internal rectification.
Chapter V Supplementary Provisions
Article 24 Security protection administration of computer information networks connected with the Hong Kong Special Administrative Region and the regions of Taiwan and Macao will be implemented with reference to these Measures.
Article 25 These Measures will take effect from the date of promulgation.