Misplaced Pages

#147852

56-868: The agency was initially established in 2011 by the State Council as the State Internet Information Office (SIIO), a subgroup of the State Council Information Office (SCIO). In 2014, the SIIO was renamed in English as the Cyberspace Administration of China, and transformed into the executive arm of the newly established Central Leading Group for Cybersecurity and Informatization of the Chinese Communist Party (CCP), which

112-626: A Deputy Head of the CCP's Central Committee Publicity Department. As of 2015, the CAC includes the following departments: an Internet Security Emergency Command Center, an Agency Service Center, and an Illegal and Unhealthy Information Reporting Center. Unlike most other Chinese administrative agencies, the CAC does not regularly publish information about its organizational structure, structure, budget, duties as well as its personnel arrangements, except for brief biographies of its director and deputy directors. Many of

168-491: A campaign to arrest almost 200 lawyers and activists in China, the CAC published a directive saying that "All websites must, without exception, use as the standard official and authoritative media reports with regards to the detention of trouble-making lawyers by the relevant departments." The CAC has also been given the responsibility for reviewing the security of devices made by foreign countries. The initial powers and legal basis of

224-492: A company's network operations. Cybersecurity is recognized as a basic law. This puts the law on the top of the pyramid-structured legislation on cybersecurity. The law is an evolution of the previously existent cybersecurity rules and regulations from various levels and fields, assimilating them to create a structured law at the macro-level. The law also offers principal norms on certain issues that are not immediately urgent but are of long-term importance. These norms will serve as

280-538: A legal reference when new issues arise. The law is a significant pillar of the Chinese data regulatory environment. It: The cybersecurity law is applicable to network operators and businesses in critical sectors . By critical sectors, China roughly divides the domestic businesses into networking businesses that are involved in telecommunications, information services, energy transport, water, financial services, public services, and electronic government services. Some of

336-830: A licensing requirement for generative artificial intelligence systems. Before releasing a large language model to the public, companies must seek approval from the CAC to certify that the model refuses to answer certain questions relating to political ideology and criticism of the CCP. In May 2024, CAC announced that it rolled out a large language model trained on Xi Jinping Thought . Since at least 2017, CAC has cooperated with Russia's principal internet regulator and censor, Roskomnadzor . The CAC has been accused of assisting in cyber attacks against visitors to Chinese websites. The anti-censorship group GreatFire.org provided data and reports showing man-in-the-middle attacks against major foreign web services, including iCloud , Yahoo , Microsoft , and Google . The attack would have required

392-682: A national security review organized by the State cybersecurity and informatization departments and relevant departments of the State Council. The law establishes stringent data localization requirements. The law is applicable to all businesses in China that manage their own servers or other data networks. Network operators are expected, among other things, to clarify cybersecurity responsibilities within their organization, take technical measures to safeguard network operations, prevent data leaks and theft, and report any cybersecurity incidents to both users of

448-535: A state councillor) all assist the premier. Each vice premier oversees certain areas of administration in support of the premier. In practice, the vice premiers and State Councillors assume responsibility for one or more sectors or issues, and remain in contact with the various bodies responsible for policy related to that area. This allows the Standing Committee to oversee a wide range of government functions. Each State Councillor performs duties as designated by

504-411: A three-month censorship action on We-Media in China. In December 2020, CAC removed 105 apps, including that of Tripadvisor , from China's app stores that were deemed "illegal" in a move to "clean up China's internet". A 2020 investigation by ProPublica and The New York Times found that CAC systematically placed censorship restrictions on Chinese media outlets and social media to avoid mentions of

560-415: Is also seen as a move by Beijing to bring data under Chinese jurisdiction and make it easier to prosecute entities seen as violating China's internet laws. The president of AmCham South China, Harley Seyedin, claimed that foreign firms are facing “mass concerns” because the law has greatly increased operating costs and has had a big impact on how business is done in China. More specifically, he stated that

616-741: Is consistent with previous malicious actions and points to the Cyberspace Administration of China (CAC) being directly involved..." In November 2019, CAC imposed a curfew on online gaming for minors. The restrictions included banning children under 18 from gaming between 10 p.m and 8 a.m. In addition to that, these children were restricted to only 90 minutes of online gaming on weekdays and 3 hours on weekends and holidays. Extra restrictions were imposed on spending where 8 to 16 year old gamers were allowed to spend 200 yuan (£22, $ 29) per month while 16 to 18 year old only 400 yuan per month. In August 2023, CAC proposed regulations to curb perceived internet addiction on minors. These regulations would limit minors between

SECTION 10

#1732848365148

672-568: Is responsible for handling the daily work of the State Council and heads the General Office of the State Council. The executive meeting of the State Council, consisting of the premier, vice premiers, state councillors and the secretary-general, meets two to three times a month, while the plenary session, consisting of all members of the State Council, meets every six months. The State Council directly oversees provincial-level People's Governments, and in practice maintains membership with top levels of

728-448: The 2022 COVID-19 protests in China , the CAC directed companies such as Tencent and ByteDance to intensify their censorship efforts. In January 2023, CAC ordered any content displaying "gloomy emotions" to be censored during Lunar New Year celebrations as part of its "Spring Festival internet environment rectification" campaign. In December 2023, CAC launched a crackdown on content "spreading wrong views on marriage". In April 2023,

784-466: The Chinese Communist Party (CCP). The State Council is legally required to implement the policies of the CCP. Aside from a few, members of the State Council are also members of the CCP's Central Committee . The State Council is described by the Chinese constitution as the executive organ of the National People's Congress (NPC), as well as the "highest state administrative organ". Constitutionally,

840-785: The Cyberspace Administration of China issued "Regulations on the Management of Security Vulnerabilities in Network Products" requiring that all vulnerabilities be reported to the Ministry of Industry and Information Technology (MIIT) and prohibits the public disclosure of vulnerabilities, including to overseas organizations. Along with the Great Firewall , restrictions stipulated in the law have raised concerns, especially from foreign technology companies operating in China. Regarding

896-669: The Ministry for National Defense but does not control the People's Liberation Army, which is instead controlled by the Central Military Commission (CMC). The State Council previously had joint command over the People's Armed Police (PAP) together with the CMC, principally through the Ministry of Public Security , though 2018 reforms placed the PAP solely under CMC command. The plenary session of

952-607: The Personal Information Protection Law passed in 2021 granted CAC with powers for planning, coordinating and supervising personal information protection work, retaliating its authority over control of personal information overseas. Since its founding in 2011, CAC had the authority to issue punitive orders, including imposing fines, license revocations, and business closures. Since 2017, the CAC has also been publishing legally-binding departmental rules ( 部门规章 ), issued by State Council administrative agencies. Due to

1008-668: The Politburo has ultimate authority. In 2024, during the second session of the 14th National People's Congress , the Organic Law of the State Council was amended to mandate the CCP Central Committee 's leadership over the State Council. The amended law also stipulates the State Council must follow the CCP's ideology and policies. The State Council is composed of the premier , several vice premiers , several state councillors , ministers of ministries, directors of committees,

1064-578: The World Internet Conference . The CAC is the national internet regulation agency in China. Its functions include rulemaking, administrative licensing and punishment activities. The CAC implements information-dissemination guidelines and policies, regulates internet information content and management, supervises network news businesses, and investigates illegal or non-regulatory compliant websites. The CAC maintains censorship functions, including issuing directives to media companies in China. After

1120-465: The data security law , the national intelligence law , the national security law , laws on counter-terrorism and foreign NGO management, all passed within successive short timeframes of each other. Chinese policymakers became increasingly concerned about the risk of cyberattacks following the 2010s global surveillance disclosures by Edward Snowden , which demonstrated extensive United States intelligence activities in China . The Cybersecurity Law

1176-409: The highest organ of state power . It is composed of the premier, vice premiers, state councilors, ministers, chairpersons of commissions, the auditor-general, the governor of the People's Bank of China, and the secretary-general. The premier is responsible for the State Council and exercises overall leadership of its work. The secretary-general of the State Council, under the leadership of the premier,

SECTION 20

#1732848365148

1232-407: The port city of Tianjin . Such rumors included claims that blasts killed 1,000 people, or that there was looting, or leadership ructions as a result of the blast. The same year, the CAC debuted a song that Paul Mozur of The New York Times called "a throwback to revolutionary songs glorifying the state." The song included the lines: “Unified with the strength of all living things, Devoted to turning

1288-533: The CAC came from a 2014 authorization by the State Council. According to the Cybersecurity Law passed in 2016, "state cybersecurity and information departments", generally regarded to refer to the CAC, have the authority to plan and coordinate cybersecurity and related regulation with other regulatory agencies with overlapping or complementary jurisdiction. The Data Security Law passed in 2021 tasked CAC with online data security and export of important data, while

1344-493: The CAC's political and regulatory roles, Rogier Creemers at Leiden University argues that it is the world's most powerful digital institution. It serves as the executive arm of the CCP CCAC, has regulatory power over online content, is responsible for protecting personal information and data, and has direct authority over China's DNS registry , China's computer emergency response team , the cybersecurity standardization body TC260, and

1400-577: The CAC's regulatory functions are delegated to the China Electronic Technology Standardization Institute. The institute tests cybersecurity compliance and data protection. The CAC is the majority owner of the China Internet Investment Fund , which has golden share ownership stakes in technology firms such as ByteDance , Weibo Corporation , SenseTime , and Kuaishou . The CAC additionally organizes

1456-514: The CCP, its executive arm, are one institution with two names . The CAC is involved in the formulation and implementation of policy on a variety of issues related to the internet in China. It is under direct jurisdiction of the Central Cyberspace Affairs Commission, a party institution subordinate to the CCP Central Committee . The Director of both the state and party institutions is Zhuang Rongwen , who serves concurrently as

1512-540: The COVID-19 outbreak, mentions of Li Wenliang , and "activated legions of fake online commenters to flood social sites with distracting chatter". In 2021, CAC launched a hotline to report online comments against the Chinese Communist Party, including comments which it deemed historical nihilism . In 2022, CAC published rules that mandate that all online comments must be pre-reviewed before being published. During

1568-554: The Cybersecurity Association of China. In 2017, the CAC issued a rule stating that nonpublic capital should not be allowed to invest in internet-based newsgathering. In 2022, the CAC issued measures and guidelines on security assessments for cross-border data transfers as part of an effort to institutionalize data transfer review mechanisms. In 2015, the CAC was also responsible for chasing down Internet users and web sites that published "rumors" following an explosion in

1624-451: The Cyberspace Administration of China issued draft measures stating that tech companies will be obligated to ensure AI-generated content upholds the ideology of the CCP such as Core Socialist Values , avoids discrimination, respects intellectual property rights , and safeguards user data. Under these draft measures, companies bear legal responsibility for training data and content generated through their platforms. In July 2023, CAC announced

1680-612: The People's Republic of China ( Chinese : 中华人民共和国网络安全法 ), commonly referred to as the Chinese Cybersecurity Law , was enacted by the National People’s Congress with the aim of increasing data protection, data localization , and cybersecurity ostensibly in the interest of national security. The law is part of a wider series of laws passed by the Chinese government in an effort to strengthen national security legislation. Examples of which since 2014 have included

1736-542: The Premier. The secretary-general heads the General Office which handles the day-to-day work of the State Council. The State Council includes 26 constituent departments, and oversees the province-level governments throughout China. Each ministry supervises one sector. Commissions outrank ministries and set policies for and coordinate the related activities of different administrative organs. Offices deal with matters of ongoing concern. The establishment, dissolution, or merger of

Cyberspace Administration of China - Misplaced Pages Continue

1792-636: The State Council is hosted by the Premier, joined by Vice Premiers, State Councillors, Ministers in charge of Ministries and Commissions, the Governor of the People's Bank, the Auditor-General, and the Secretary-General. It usually runs bi-annually and when necessary, non-members can be invited to participate. Cybersecurity Law of the People%27s Republic of China The Cybersecurity Law of

1848-434: The State Council meets every six months, composed of all members of the State Council. Between meetings it is guided by an Executive Meeting of the State Council  [ zh ] which is held two to three times a month, and can be called at the discretion of the premier. The Executive Meeting is composed of the premier, vice premiers, state councilors, and the secretary-general. (first-ranked) The Plenary Meeting of

1904-513: The ability to "tap into the backbone of the Chinese Internet". Gibson Research Corporation attributed some of the attacks against GitHub to the CAC's operations. In the attack, ads hosted on Baidu were able to leverage computers visiting from outside China, redirecting their traffic to overload the servers of GitHub. "The tampering takes places someplace between when the traffic enters China and when it hits Baidu's servers," Gibson wrote. "This

1960-434: The ages of 16 and 18 to only 2 hours of mobile usage per day although they can be bypassed with permission from parents. Children under the age of 18 will be restricted from accessing the internet between 10 p.m and 6 a.m whereas children under age 8 will be allowed only 8 minutes a day. CAC says that online platforms will be responsible for the execution of the law if passed, although the specific penalties were not disclosed in

2016-521: The auditor general, and the secretary-general . The premier leads the State Council and is appointed by the NPC upon the nomination by the president , though in practice the premier is chosen within the CCP leadership, including the Politburo Standing Committee . The vice premiers (one executive and generally three others), state councillors, and a secretary-general (who normally also serves as

2072-422: The constituent departments are proposed by the premier and decided by the NPC or its Standing Committee. Bureaus and administrations rank below ministries. In addition to the ministries, there are 38 centrally administered government organizations that report directly to the state council. The heads of these organizations attend full meetings of the state committee on an irregular basis. The State Council controls

2128-685: The cybersecurity law. By incorporating preexisting laws on VPN and data security into the cybersecurity law, the Chinese government reinforces its control in addition to emphasize has the need for foreign companies to comply with domestic regulations. The cybersecurity law also provides regulations and definitions on legal liability . For different types of illegal conduct, the law sets a variety of punishments, such as fines, suspension for rectification, revocation of permits and business licenses, and others. The Law accordingly grant cybersecurity and administration authorities with rights and guidelines to carry out law enforcement on illegal acts. In July 2021,

2184-462: The event of failure to comply. State Council of the People%27s Republic of China The State Council of the People's Republic of China , also known as the Central People's Government , is the chief administrative authority and the national cabinet of China . It is constitutionally the highest administrative organ of the country and the executive organ of the National People's Congress ,

2240-700: The external name of the Central Leading Group's general office. It additionally changed its name in English to the Cyberspace Administration of China, while its Chinese name stayed the same. Lu Wei , who was the head of CAC until 2016, was previously the head of the Beijing CCP Central Committee's Publicity Department, and oversaw the Internet Management Office, a "massive human effort" that involved over 60,000 Internet propaganda workers and two million others employed off-payroll. It

2296-588: The global village into the most beautiful scene” and “An Internet power: Tell the world that the Chinese Dream is uplifting China.” The efforts of the CAC have been linked with a broader push by the Xi Jinping administration , characterized by Xiao Qiang , head of China Digital Times , as a "ferocious assault on civil society." In May 2020, the CAC announced a campaign to "clean up" online political and religious content deemed "illegal." In July 2020, CAC commenced

Cyberspace Administration of China - Misplaced Pages Continue

2352-673: The law could force companies transmitting data through servers in China to submit to data surveillance and espionage. Some analysts from Western backgrounds consider this law to be comparable to the EU's GDPR . They have suggested that the law could improve the Chinese government’s ability to monitor the public, as well as giving Chinese companies an advantage over foreign companies. The law sparked concerns both domestically and internationally due to its phrasing and specific requirements. Foreign companies and businesses in China expressed concerns that this law might impede future investments in China, since

2408-443: The law have stated that the intention of the law is not to prohibit foreign businesses from operating in China, or boost domestic Chinese competitiveness. A study by Matthias Bauer and Hosuk Lee-Makiyama in 2015, states that data localization causes minor damage to economic growth due to inefficiencies that arise from data transfer processes and the duplication of data between several jurisdictions. The requirement for data localization

2464-573: The law or partner with service providers such as Huawei , Tencent , or Alibaba , which have already have server infrastructure on the ground, saving capital expenditure costs for companies. The law is widely seen to be in line with 12th Five-Year Plan (2011–2015) which aims to create domestic champions in industries such as cloud computing and big data processing. The law is seen as a boon to domestic companies and has been criticized as creating an unfair playing ground against international technology companies such as Microsoft and Google . Supporters of

2520-454: The law requires them to "store their data on Chinese-law regulated local servers, and cooperate with Chinese national security agencies". Since its inception many foreign technology companies have already complied with the law. Apple for example, announced in 2017 that it would invest $ 1 billion in partnership with local cloud computing company Guizhou Cloud Big Data or GCBD to construct a new data center located in China's Guizhou province for

2576-417: The law. Article 35 is targeted at purchases of foreign software or hardware by government agencies or other "critical information infrastructure operators", requiring any hardware of software purchased to undergo review by agencies such as China's SCA or State Cryptography Administration, potentially involving the provision source codes and other sensitive proprietary information to government agencies paving

2632-416: The main functions of the State Council are to formulate administrative measures, issue decisions and orders, and monitor their implementation; draft legislative bills for submission to the NPC or its Standing Committee; and prepare the economic plan and the state budget for deliberation and approval by the NPC. The State Council has flexibility in decision-making, especially with regard to economic matters, but

2688-592: The most controversial sections of the law include articles 28, 35, and 37. Article 28 compels vaguely defined "network operators", (interpreted to include: social media platforms, application creators and other technology companies), to cooperate with public security organs such as the Ministry of Public Security and hand over information when requested. Article 28: Network operators shall provide technical support and assistance to public security organs and national security organs that are safeguarding national security and investigating criminal activities in accordance with

2744-587: The network and the relevant implementing department for that sector. The law is composed of supportive subdivisions of regulations that specify the purpose of it. For instance, the Core Infrastructure Initiative (CII) Security Protection Regulations and Measures for Security Assessment of Cross-border Transfer of Personal Information and Important Data. However, the law is yet to be set in stone since China's government authorities are occupied with defining more contingent laws to better correspond with

2800-643: The purposes of compliance. Simultaneously, the company also announced that it would transfer the operation and storage of iCloud data to mainland China. Microsoft also announced an expansion of its Azure services in partnership cloud computing company 21Vianet through investment in more servers. Meanwhile, online services, such as Skype and WhatsApp which refused to store their data locally and were either delisted from domestic app stores or restricted from further expansion. The law forces foreign technology and other companies operating within China to either invest in new server infrastructure in order to comply with

2856-420: The requirements for spot-checks and certifications, international law firms have warned that companies could be asked to provide source code, encryption, or other crucial information for review by the authorities, increasing the risk of intellectual property theft , information being lost, passed on to local competitors, or being used by the authorities themselves. The Federal Bureau of Investigation warned that

SECTION 50

#1732848365148

2912-498: The way state theft of intellectual property or transmission to domestic competitors. Above all, the article creates further regulatory burdens for foreign technology companies operating in China, indirectly creating a more favourable playing field for domestic competitors which would naturally be more prepared to comply with the regulations. Article 35: Critical information infrastructure operators purchasing network products and services that might impact national security shall undergo

2968-636: Was an external name of the External Propaganda Office (EOP) of the Chinese Communist Party (CCP). The first SIIO director was Wang Chen , who was also the director of the SCIO. Though initially a nameplate of the SCIO, SIIO soon gained full-time staff. Reforms in February 2014 led to the creation of the Central Leading Group for Cybersecurity and Information . The SIIO was transformed to become

3024-526: Was part of China's response following policymakers' heightened concerns of foreign surveillance and data collection after these disclosures. This law was enacted by the Standing Committee of the National People's Congress on November 7, 2016, and was implemented on June 1, 2017. It requires network operators to store select data within China and allows Chinese authorities to conduct spot-checks on

3080-482: Was promoted to the Central Cyberspace Affairs Commission in 2018. The CAC's current director is Zhuang Rongwen , who concurrently serves as a Deputy Head of the CCP's Publicity Department of the Central Committee . On 5 May 2011, the State Council approved the establishment of the State Internet Information Office (SIIO). The SIIO was initially a subgroup of the State Council Information Office (SCIO), which

3136-528: Was this experience that assisted CCP general secretary Xi Jinping in selecting Lu as the head of the CAC. Further reforms in February 2018 upgraded the Central Leading Group to the Central Cyberspace Affairs Commission (CACC), with the CAC staying as the executive arm of the commission. The Cyberspace Administration of China and the Office of the Central Cyberspace Affairs Commission of

#147852