Global menu

Our global pages


China Cybersecurity Law One Year On

China Cybersecurity Law One Year On
  • Hong Kong
  • China
  • Other


It’s been one year since China’s Cybersecurity Law took effect, and while businesses are keenly aware of the need to comply, many are still trying to fully understand its implications. There is an abundance of new guidelines and regulations clarifying the scope and applicability of concepts introduced by the Cybersecurity Law, and others which expand on existing security requirements in order to promote cybersecurity.

The guidelines cover technical, security and data protection in specific contexts (including cloud computing, mobile terminals and big data) and such issues as security incident management and publication of “Internet News”.

Other guidelines and regulations exist in draft form and are in various stages of development, typically through a public consultation process.

Although more guidelines and regulations are expected, businesses must be alert to existing obligations that are in force – and enforced – today. We have seen enforcement action being taken by various enforcing authorities to enforce the Cybersecurity Law.

Eversheds Sutherland have undertaken a comprehensive review of the development of the cybersecurity legislative landscape in China and summarized the information in an easy-to-read format. Our new interactive timeline, “China Cybersecurity Law - One Year On”, provides a high level summary of the key legislation, regulations and guidelines in this area, and also describes some interesting enforcement actions that have already been taken.

Please click here to view the information and timeline.