China puts considerations at the heart of a new data security law
China has passed a new data security law (DLS). The law will take effect on September 1, 2021.
The new regulations might have far-reaching consequences for businesses and individuals. More so, those wishing to submit information to foreign law enforcement organizations. Correspondingly, Chinese residents could enjoy more security from cyber attacks. Also, there could be a reduction of fraud in the dark web associated with Chinese nationals.
The new law is a complement to the existing Cyber Security Law (CSL). Equally important, China launched the law in 2017. Moreover, the Personal Information Protection Law (PIPL) is currently in its second reading and will be published later in 2021. Hence, the law is a massive foundation in China's legislative framework for data (privacy) protection and information security.
So, this article highlights key provisions in the legislation and what this means to Cybercrime and security.
China's New Data Security Law: Key Highlights.
Now, the data protection law will transform how China uses, collects, protects, and develops data. The DSL will undoubtedly have huge implications on many companies, inside and outside China.
China's Data Security Law focuses on data that is high-level and critical to national security. Subsequently, the DLS will apply to all forms of data, either electronic or physical. Plus, these laws will guide all data within China's territory. In addition, Data outside of China that may pose a security threat to China will also be regulated by the new laws. The move improves cyber attack responses, especially those from the dark web.
The Chinese government will create regulations to implement the DSL, according to China's experienced Lawyers. In addition, China will build "centralized, uniform, efficient, and authoritative" procedures for data security risk assessment and reporting.
The recommendation requires businesses and individuals operating in China to place procedures to protect data stored in the country.
According to the DLS, this law violator will pay a fine of not less than $15,660. However, the penalty is subject to the degree of violation. Businesses may also lose their licenses and fines given to orchestrators.
Notably, the DSL prohibits the provision of information to foreign states without China authorities' approval. However, there's still no clarity on guidelines for the approval. In the case this provision is violated, a fine for the responsible entity is approximately $150,000. Subsequently, responsible individuals may be subject to additional fees.
Severe violations of the DLS are punishable by a heavier approximate fine of $780,000, revocation of business licenses, as well as higher fees for responsible individuals. There is, however, not a clear outline of what violations are considered to be "severe."
The international trade scene is yet to understand the full implication of the new Data Security Law. The Chinese government is yet to release the guiding regulations over the data security laws. Chinese authorities must produce rules, statutory interpretations, or guidelines to explain specific fundamental provisions of the Data Security Law.
Do you find this content interesting?
Let us know by leaving a comment and a rating.
Also, don't forget to follow our Official Telegram Channel to stay informed and safe by Reading NOIRdotNEWS