Professional Documents
Culture Documents
China: Cybersecurity Policy
China: Cybersecurity Policy
CYBERSECURITY POLICY
Strategy Documents
Identifies four basic principles: Principle of Peace, Principle of Sovereignty, Principle of Shared Governance, and Principle of Shared Benefits;
Discusses strategic goals and a Plan of Action.
Source Source 2
1 March 2017
Source Source 2
27 December 2016
Outer space and cyber space have become new commanding heights in strategic competition among all parties;
China’s national strategic goal is to complete the building of a moderately prosperous society in all respects by 2021;
The Strategy mentions that China will expedite the development of a cyber force, and enhance its capabilities of cyberspace situation awareness,
cyber defense, support for the country’s endeavors in cyberspace and participation in international cyber cooperation, so as to stem major cyber
crises, ensure national network and information security, and maintain national security and social stability.
Source Source 2
2015
STRUCTURE
Executive arm of the Cyberspace Affairs Leading Group which was transformed into CCAC in 2018.
Source
2014
Key Positions
Source Source 2
Source Source 2
25 March 2016
Source Source 2
1 December 2015
A high-level intelligence platform built on research efforts of an information center of the GAD and the wisdom of the experts in various fields;
Designed to become an authoritative research resource for Internet intelligence, build a highly-efficient cyberspace dynamically-tracking research
system, provide high-end services for hot and major issues, and explore approaches of intelligence analysis as well as identification and appraisal
with cyberspace characteristics.
Source
26 June 2014
To promote the development of major technological equipment and innovation concerning the communication sector;
Source
2008
National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC)
Non-governmental, officially recognized
CNCERT/CC is a non-governmental non-profit cybersecurity technical center and the key coordination team for China's cybersecurity emergency
response community;
CNCERT/CC leads efforts to prevent, detect, alert, coordinate and handle cybersecurity threats and incidents, in line with the guiding principle of
"proactive prevention, timely detection, prompt response and maximized recovery";
Operates the China National Vulnerability Database (CNVD).
Source Source 2
August 2001
LEGAL FRAMEWORK
Legislation
The law states that "the State takes measures to monitor, prevent and handle cybersecurity risks and threats arising both within and without the
mainland territory of the People’s Republic of China. The State protects critical information infrastructure against attacks, intrusions, interference,
and destruction; the State punishes unlawful and criminal cyber activities in accordance with the law, preserving the security and order of
cyberspace."
Legislates various security and data privacy measures;
Requires critical information infrastructure operators that gather or produce personal information or important data during operations within the
mainland territory of the People’s Republic of China to store the data within mainland China.
Source Source 2
1 June 2017 (entry into force)
Article 45: As needed for counter-terrorism intelligence information work , and on the basis of national provisions, public security organs, state security
organs and military organs may employ technological investigative measures upon strict formalities for approval.
Source Source 2
27 December 2015
China Last Updated: March 2021
Article 25: The State establishes a national network and information security safeguard system, raising the capacity to protect network and information
security; increasing innovative research, development and use of network and information technologies; to bring about security core techniques and key
infrastructure for networks and information, information systems in important fields, as well as data; increasing network management, preventing,
stopping and lawfully punishing unlawful and criminal activity on networks such as network attacks, network intrustion, cybertheft, and dissemination of
unlawful and harmful information; maintaining cyberspace sovereignty, security and development interests.
Source Source 2
1 July 2015
COOPERATION
UN Processes
Represented at the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context
of International Security
Source
2004, 2009, 2012/2013, 2014/2015, 2016/2017, 2019/2021
Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context
of International Security
Source Source 2
2019/2020
Neither country would conduct or support cyber-enabled theft of intellectual property, trade secrets or confidential business information with the intent of
obtaining competitive advantage
Source
24 April 2017
Review the timeliness and quality of responses to requests for information and assistance with respect to cybercrime or other malicious cyber
activities
Enhance pragmatic bilateral cooperation with regard to cybercrime, network protection and other related issues
Source
7 December 2016
Ddiscussed the full range of issues on the international cyber agenda including the development of norms of responsible state behaviour
Source
3 February 2016
Russia-China Cooperation in Ensuring International Information Security (Sino-Russia Cybersecurity Agreement 2015)
Head of State
Cooperation in the field of international information security, including joint solution of tasks, and legal framework for dialogue
Source Source 2
8 May 2015
Membership
International Telecommunications
Union (ITU)