The Technology, Media and Telecommunications Review: China
In terms of matters relating to TMT, the government has always taken an affirmative position with the intention of constantly harmonising different sets of sector-specific laws and regulations with the rapid development of the TMT industry. Meanwhile, various incentive measures and preferential policies have been designed to ensure the protection and conditions for the expansion of fair competition and the development of a healthy market.
TMT regulation in China divides all telecommunications into two categories: basic telecommunications services (BTS) and value-added telecommunications services (VATS). BTS essentially refers to the provision of infrastructure facilities and basic voice and data transmissions, both domestically and internationally, while VATS refers to the provision of specialised services via the basic infrastructure facilities. China adopts a strict licensing system for the telecoms industry, and telecoms operators are required to obtain a licence to engage in either BTS or VATS. To fulfil its commitments to the World Trade Organization, China is gradually opening up its telecoms industry to foreign investment.
Among all the VATS, internet content services and e-commerce have grown at a rapid pace in recent years. Following the prosperity of the internet industry, online IP infringement, unfair competition and anti-counterfeiting and cybersecurity risks are issues that are starting to become of greater concern to telecoms operators.
i The regulators
TMT is one of the broader sectors in China, touching upon a number of different fields of business. The Ministry of Industry and Information Technology (MIIT) is the primary regulatory body in charge of licensing for and administration of BTS and VATS, including internet content or service provision (ICP, ISP and SP) and internet access tariffs and charges. Due to its complex nature, the TMT sector is also governed by other regulatory authorities, including but not limited to:
- Ministry of Commerce (e-commerce policy, foreign investment in the TMT sector);
- Ministry of Culture (online gaming, internet cultural activities, online music, etc.);
- National Development and Reform Commission (IT industry planning and policy);
- State Administration for Market Regulation and its local branches (consumer rights protection, online advertising, fair competition, registration of entities);
- Ministry of Public Security (internet security);
- Office of the Central Cyberspace Affairs Commission (coordinating and supervising online content management and handling administrative approval of businesses related to online news reporting);
- National Radio and Television Administration (news, publications, TV, radio, film, import and export of films, books, music, etc.);
- State Intellectual Property Office (patent, trademark and geographical indication);
- the Office of State Commercial Cryptography Administration;
- Cyberspace Administration of China (cybersecurity); and
- National Information Security Standardisation Technical Committee (issuing standards related to cybersecurity).
ii Main sources of law
The main sources of legislation and regulations governing the TMT sector in China are as follows:
- Decision of the National People's Congress Standing Committee to Strengthen Internet Information Protection;
- the following laws:
- Data Security Law (Draft);
- Advertising Law;
- Counterterrorism Law;
- Copyright Law;
- Contract Law;
- Cyber Security Law;
- Cryptography Law;
- E-Commerce Law;
- Electronic Signatures Law;
- Foreign Investment Law;
- Law of the PRC on the Protection of Consumer Rights and Interests;
- Standardisation Law; and
- State Security Law of China;
- the following regulations:
- Telecommunications Regulations;
- Regulations for the Management of Commercial Cryptographic (Revised Draft for Comments);
- Regulations for the Management of Online Publishing Services;
- Regulations for the Management of Radio and Television;
- Regulations for the Protection of the Right of Communication through Information Networks;
- Regulations for the Security Protection of Computer Information System;
- Regulations for the Protection of Computer Software;
- Regulations for the Protection of Security of Critical Information Infrastructure (draft for comments);
- Regulations on Multi-level Protection for Cybersecurity (Exposure Draft); and
- Provisional Regulations for the Administration of Internet Culture;
- the following measures:
- Measures for Cybersecurity Review;
- Measures on Pilot Scheme for Foreign-funded Value-added Telecommunications Businesses in China (Shanghai) Pilot Free Trade Zone;
- Measures for the Administration of Telecommunications Construction;
- Measures for the Administration of the Connection of Telecommunications Equipment to Networks;
- Measures for the Administration of Telecommunications Business Permits;
- Measures for the Handling of Disputes Regarding Interconnections between Telecommunications Networks;
- Measures for the Administration of International Communications Gateways;
- Measures for the Administration of Internet Information Services;
- Measures for the Administration of Services of Private Network and Directional Transmission of Audio-Visual Programmes;
- Measures for the Administration of Electronic Certification Services;
- Measures for the Administration of Internet Domain Names;
- Interim Measures for the Administration on Use and Maintenance of Internet Information Security Management System;
- Measures for the Registration of Copyright in Computer Software;
- Interim Measures for the Administration of Internet Advertising;
- Interim Measures for the Administration of Online Car Hailing Services;
- Interim Measures for the Administration of Online Tourism Operating Services;
- Measures for the Security Assessment of Export of Personal Information and Important Data (draft for comments);
- Measures for the Security Assessment for Cross-border Transfer of Personal Information (draft for comments);
- Measures for the Administration of Qualification of Secret-involved Information System Integration;
- Measures for the Administration of Online Transactions; and
- the following provisions:
- Provisions on the Cyber Protection of Children's Personal Information;
- Provisions on the Ecological Governance of Network Information Content;
- Provisions for the Administration of Online Audio and Video Information Services;
- Provisions on the Network Ecology Governance (Draft for Comments);
- Provisions for the Administration of Mobile Internet Applications Information Service;
- Provisions for the Administration of Internet Information Search Services;
- Provisions for the Administration of the Construction of International Communications Facilities;
- Provisions for the Administration of Internet Audio and Video Programming Services;
- Provisions for the Administration of Internet News Information Services;
- Provisions for Technical Measures of Internet Security Protection; and
- Provisions on the Security Assessment of Internet-based Information Services with Attribute of Public Opinions or Capable of Social Mobilisation;
- the following catalogues and lists:
- Catalogue of Certification for Commercial Encryption Products (Batch 1);
- Catalogue of Telecommunications Services;
- Catalogue of Network (Cyber) Critical Equipment and Cybersecurity-Specific Products (Batch 1);
- Catalogue of Guide of Foreign Investment;
- Industry Guidelines on Encouraged Foreign Investment (July 2020 Draft for Comments);
- Negative List of Access of Foreign Investment; and
- Negative List for Foreign Investment Access in Pilot Free Trade Zones;
- the following rules:
- Rules for the Commercial Password Product Certification;
- Rules for the Administration of Foreign-Invested Telecommunications Enterprises;
- Rules for the Administration of the Interconnection of Public Telecommunications Network;
- Rules for the Administration of the Establishment of Satellite Communications Networks and Installation and Use of Earth Stations;
- Rules for the Protection of Personal Information of Telecommunication and Internet Users;
- Rules for the Allocation of Radio Frequency Band;
- Rules for the Registration of Real Names of Phone Users; and
- Procedural Rules for the Resolution of Domain Name Disputes by China Internet Network Information Centre;
- the following national standards:
- Information Security Technology – Cyber-data process security specification;
- Information Security Technology – Method of boundary identification for critical information infrastructure;
- Information Security Technology – The evaluation method for security protection capability of critical information infrastructure;
- Information Security Technology – Assessment Method for Security Capability of Cloud Computing Service;
- Information Security Technology – Security Capability Requirements for Big Data Services;
- Information Security Technology – Guide of Information Security Risk Assessment;
- Information Security Technology – Guide of Assessment for Data Cross-Border Transfer Security (draft for comments);
- Information Security Technology – Guide of Personal Information Protection in Public and Commercial Services Information System;
- Information Security Technology – Guide of Personal Information Security Specification;
- Information Security Technology – Guide of Assessment for Personal Information Security Impact;
- Information Security Technology – Baseline for Classified Protection of Cybersecurity;
- Information Security Technology – Technical Requirements of Security Design for Classified Protection of Cybersecurity;
- Information Security Technology – Evaluation Requirements for Classified Protection of Cybersecurity; and
- the following guidelines:
- Guidelines for the Development of Data Security Standard Systems in the Telecommunications and Internet Industries (Draft for Comment);
- Guidelines for the Developing the National Next-Generation Artificial Intelligence Standard System;
- Guidelines for the Development of a System of Network Data Security Standards (Draft for Comment); and
- Guidelines for the Classification and Grading of Industrial Data (Interim);
- Notice of the Administration of Mobile Game Publishing Services, issued by the National Radio and Television Administration;
- Opinions on Further Opening up Value-added Telecommunication Business to Foreign Investments in the China (Shanghai) Pilot Free Trade Zone, jointly issued by MIIT and the Shanghai municipal government; and
- Circular for Removing Restriction on Foreign Shareholding in Holder of Online Data Processing and Transaction Processing in China (Shanghai) Pilot Free Trade Zone, issued by MIIT.
The main statute governing telecoms services is the Regulations for the Management of Telecommunications, supported by the Catalogue of Telecommunications Services. Foreign-invested companies may refer to the Catalogue of Guide of Foreign Investment, Industry Guidelines on Encouraged Foreign Investment, and Negative List of Access of Foreign Investment for additional restrictions and requirements imposed on acquiring telecom licences.
iii Regulated activities
A telecommunications operator who operates basic telecommunications services or VATS (as classified in the Catalogue of Telecommunications Services) shall obtain a licence under the Measures for the Administration of Telecommunications Service Operating Permits or the Rules for the Administration of Foreign-Invested Telecommunications Enterprises.
iv Ownership and market access restrictions
The newly revised Foreign Investment Law in 2019 and the statements of the high-profiles in recent years reveal China's willingness to be more open to foreign investors in the TMT field, which was also one of China's commitments to the World Trade Organization.
With certain restrictions and regulatory approval procedures, foreign-funded telecoms enterprises are able to engage in telecoms businesses not prohibited by the Negative List of Access of Foreign Investment or Negative List for Foreign Investment Access in Pilot Free Trade Zones (if applicable) provided that they abide by the provisions of the Regulations for the Management of Telecommunications and other applicable laws and regulations.
BTS and VATS are available to foreign investment by way of a Sino-foreign equity joint venture. To establish a foreign-invested telecommunications enterprise providing BTS or VATS, the major Chinese investor shall submit the required application documents for approval to MIIT.
The ultimate proportion of contribution and registered capital required for BTS business are as follows.
|Business classifications||Geographical areas||Registered capital||Proportion of contribution|
|BTS business||Nationwide, or beyond a single province, autonomous region or municipality directly under the central government||Not less than 1 billion yuan||Foreign investors: no more than 49% (except radio paging services and the construction and operation of power grid systems)|
|Within a province, autonomous region or municipality directly under the central government||Not less than 100 million yuan|
The major foreign investor of a foreign-invested telecommunications enterprise providing BTS shall meet the following conditions:
- being qualified as a legal person or enterprise;
- having obtained a licence for providing BTS from the registration country or region;
- having the funds and professionals commensurate with its business operation; and
- having a good performance record and experience in providing BTS.
Advantages enjoyed by the foreign investors in Shanghai Pilot Free Trade Zone (Shanghai FTZ) have become more obvious, particularly in VATS business. The availability of VATS for foreign investors in Shanghai FTZ is summarised in the following chart.
|Type of VATS||Availability||Maximum foreign equity ratio|
|B11 Internet data centre services||×||\|
|B12 Content delivery network services||×||\|
|B13 Domestic internet protocol virtual private network services||√||≤50%|
|B14 Internet access services||√||Restricted to ISP service provided to internet users, ≤100%|
|B21 Online data processing and transaction processing services||√||E-commerce, ≤100%; others, ≤50%|
|B22 Domestic multiparty communication services||√||≤100%|
|B23 Store-and-forward services||√||≤100%|
|B24-1 Domestic call centre services||√||≤100%|
|B24-2 Offshore call centre services||√||≤100%|
|B25 Information services||√||App store, ≤100%; others, ≤50%|
|B26-1 Internet domain name resolution services||√||≤50%|
The chart below compares the substantive and procedural differences in foreign investors' application for a VATS licence in Shanghai FTZ and non-free trade areas.
|Shanghai FTZ||Non-free trade areas|
|Authority||Shanghai Communications Administration (SCA)||Ministry of Industry and Information Technology (MIIT)|
|Timeline||Within three months.||Around one year in practice.|
|Requirements||Legally established in the FTZ. |
Registered capital ≥ 1 million yuan. The place of registration and service facilities of enterprises shall be located within Shanghai FTZ (for operating e-commerce business of ODPTP, the service facilities could be located outside Shanghai FTZ, but should still be located within Shanghai).
The foreign investor has a record of good performance and operating experience in operating VATS business. Business description and supporting certificates should be provided.
|For providing service nationwide or across different provinces, registered capital ≥ 10 million yuan.|
For providing service within a province, registered capital ≥ 1 million yuan.The foreign investor has a record of good performance and operating experience in operating VATS business. Business description and supporting certificates should be provided.
iv Transfers of control and assignments
An ownership change or transfer of equity of a foreign-invested telecommunications enterprise shall comply with China's laws and regulations on investor qualifications and industrial policy requirements. First, the ownership change or transfer of equity of a foreign-invested telecommunications enterprise shall not violate the Catalogue of Guide of Foreign Investment and the Negative List of Access of Foreign Investment or Negative List for Foreign Investment Access in Pilot Free Trade Zones (if applicable). In addition, in TMT industries, MIIT and its branches and the Administrative, Industrial and Commerce authorities may review such transactions.
The enterprise shall, within 30 days of the date on which the examination and approval authority approves the change or the transfer, go through the formalities regarding that examination and approval authority. If the Chinese investor in a joint venture will obtain the entire equity, it shall, within 30 days of the date of approval by the examination and approval authority, cancel the certificate of the foreign-invested enterprise to the examination and approval authority. The enterprise shall, within 30 days of the date of change or cancellation of the foreign-invested enterprise approval certificate, apply to the registration authority for registration of change.
Telecommunications & internet access
i Internet and internet protocol regulation
With regard to the government institutions that were restructured in 2018, generally, internet and IP-based services are regulated by the following authorities:
- internet services and cybersecurity issues: MIIT, the Cyberspace Administration of China and the Ministry of Public Security; and
- IP-based services: the National Radio and Television Administration (news, publications, TV, radio, film, import and export of films, books, music, etc.), the Copyright Protection Centre of China (copyright registration issues) and the State Intellectual Property Office (patent, trademark and geographical indication).
ii Universal service
Under the current telecoms legal system of China, basic telecommunications operators are required to perform their corresponding obligations to make telecommunications services universally available, in accordance with relevant state regulations. MIIT may determine which telecommunications operators shall assume specific obligations in respect of the universal availability of telecommunications services by designating such operators or by inviting tenders.
The State Administration for Market Regulation and the State Council's department in charge of pricing are responsible for formulating the procedures for the administration of compensation for the costs of making telecommunications services universally available.
In addition, telecommunications operators engaging in domestic telephone business and mobile phone business are required to provide their subscribers with free telecommunications services of a public welfare nature, such as phone numbers for reporting fire-related accidents, bandit-related incidents, medical emergencies and traffic accidents, and the availability of telephone lines shall be guaranteed.
iii Restrictions on the provision of service
According to the Announcement of the MIIT and the National Development and Reform Commission on Market-Regulated Prices for Telecom Services issued in 2014, telecoms service prices are regulated by the market. When setting prices, operators must fully consider:
- production and operation costs;
- supply and demand in the telecoms market;
- other factors to reasonably determine charging rates; and
- operators must publish charge plans, billing methods and other information.
On 23 August 2018, the MIIT issued a Circular on Further Regulating Activities to Market Telecommunications Tariff Schemes, stating that telecommunications business operators must prepare their own reasonable schemes for telecommunications charges. These schemes must clearly specify the operator's:
- structure of fees;
- fee items;
- fee standards;
- charging principles;
- corresponding services;
- conditions for handling telecommunications business; and
- validity periods.
In addition, the Circular requires operators to use simple, definite, standardised and unambiguous language to present such information.
Consumers also have the right to protect their interests under the Law of the PRC on the Protection of Consumer Rights and Interests.
Requirements for manufacturers and operators
Under the network access permit system, the following requirements shall be met by telecommunications equipment manufacturers:
- obtain the relevant network access permit;
- once obtained a network access permit, promptly report such for the record to the telecommunications authorities in the various provinces, autonomous regions and municipalities, and accept the supervision and management of such departments;
- if there is any modification relating to technology and appearance, such changes shall be tested, and a new application for a new network access permit shall be submitted;
- ensure that the quality of the equipment for which they have obtained a network access permit is stable and reliable, and they may not lower the quality or performance of their products; and
- affix a sticker presenting the network access permit logo and the network access certificate stating the certificate number, applicant, name of manufacture, device name, device type and the effective date of the certificate.
The following requirements shall be met by telecommunications operators:
- obtain network access approval prior to using telecommunications equipment;
- consider that users have the right to choose the telecommunications terminal equipment to be used, and no carrier shall prevent subscribers from connecting their own telecommunications terminal equipment for which the network connection permit has been obtained;
assist the authorities to review the certified equipment connected to their networks;
- major incidents caused by the telecommunications equipment shall be truthfully reported in a brief written report by the telecommunications operators; and
- shall not monitor and control the content, applications and services accessed by their network users under the regulations on personal information protection.
iv Privacy and data security
Regulatory and legislative policies in national interests
Under the Cyber Security Law, national security review is required for network operators who purchase network products and services that may potentially have an impact on national security. Network operators are required to provide technological support and assistance to public and state security organs in national security and criminal investigations.
Personal information protection
Network operators (including telecoms providers) are required by the Cyber Security Law to keep strictly confidential users' personal information that they have collected, and establish and improve the users' information protection system. Information Security Technology – Guide of Personal Information Security Specification (the PI Specification), the non-binding national standard, illustrates the obligations of privacy protection in detail. The PI Specification plays a key role in personal information protection and has been cited by courts and the enforcement authority. An increasing number of companies in the market also tend to refer to the PI Specification as the standard when conducting self-auditing of their personal information protection.
Child information protection
Under the PI Specification, personal information of persons aged 14 or under is considered as a child's personal information and is classified as sensitive personal information. To regulate the collection and processing of child information, the Cyberspace Administration of China published the Provisions on the Cyber Protection of Children's Personal Information in 2019. Network operators are required to establish special rules and user agreements for the protection of children's personal information, and designate persons to take charge of the protection of children's personal information. Network operators will also need to inform the child's guardians in a noticeable and clear manner, and shall obtain the consent of the child's guardians for the collection, use, transfer or disclosure of a child's personal information.
Network operators' security-related obligations
Except for the obligations of personal information protection, network operators are also required by the Cyber Security Law to fulfil the following security obligations according to the requirements of the multi-level protection scheme, to ensure that the network is free from interference, damage or unauthorised access, and prevent network data from being divulged, stolen or falsified:
- formulate internal security management systems and operating instructions, determine the persons responsible for cybersecurity, and implement the cybersecurity protection responsibility;
- take technological measures to prevent computer viruses, network attacks, network intrusions and other actions endangering cybersecurity;
- take technological measures to monitor and record the network operation status and cybersecurity incidents, and preserve relevant web logs for no less than six months; and
- take measures such as data classification, back-up and encryption of important data.
In terms of telecommunications resources, the central government is attempting to carry out uniform planning, centralised administration and reasonable allocation, and to implement a system of use with compensation. Telecommunications resources are resources that have telecommunications functions, and are limited in amount, including, inter alia, RFs, satellite orbit locations and telecommunications network codes.
A telecommunications operator that occupies or uses telecommunications resources shall pay telecommunications resource fees. MIIT is the major government body responsible for formulating specific measures for fee collection for use of telecommunications resources. When MIIT allocates telecommunications resources, it needs to consider factors including telecommunications resource planning, usage and expected service capability. The allocation of telecommunications resources may be made either by designation or by auction. To date, no auctions have been conducted.
Without the approval of MIIT, an operator may not unilaterally use, transfer or lease out telecommunications resources or change the use of telecommunications resources. After a user of telecommunications resources obtains a telecommunications network code, the major telecommunications operators or other relevant parties shall be obligated to take the necessary technical measures to cooperate with such user of telecommunications resources to allow it to achieve the functionality of its telecommunications network code resources.
i Regulation of media distribution generally
China has systematic restrictions on TV and radio content provision and transmission.
Radio or television stations shall be established by the administrative departments for radio and television under the people's governments, and educational television stations may be established by the administrative departments for education under the people's governments at or above the level of a city divided into districts or counties. No other entity or individual may establish radio or television stations.
An entity that intends to establish a cable television station shall obtain the preliminary consent of the competent department of radio and television of the province and apply for the approval of the National Radio and Television Administration. Upon approval, a permit to establish a cable television station shall be issued by the National Radio and Television Administration to the applying entity. An entity that intends to establish a small cable television station shall obtain the preliminary consent of the competent department of radio and television of the country, and apply for the approval of the competent department of radio and television of the province. Upon approval, a permit to establish a small cable television station shall be issued by the competent department of radio and television of the province to the applying entity.
An entity or individual that intends to set up master antenna television shall report to the department of radio and television of the district or county for its records.
An entity that intends to utilise its existing ground satellite receiving facilities or install special ground satellite receiving facilities to receive television programmes transmitted via foreign satellites shall apply in writing to the competent department at or above the provincial level. If consent is granted thereto upon examination, the applying entity shall proceed to submit the application for examination and approval to the department (or bureau) of radio and television of the province, autonomous region or municipality directly under the central government where the applying entity is located. Upon this approval, a permit to receive television programmes transmitted via foreign satellites shall be issued to the applying entity, and the case shall be reported by the examining and approving authorities to MIIT, the National Radio and Television Administration, the Ministry of Public Security and the Ministry of State Security for their records.
The watchdog also keeps a close eye on emerging platforms, such as BBS, blogs, microblogs, chat rooms, communication groups, public accounts, short videos, online streaming, information sharing and mini programmes. The Cyberspace Administration of China and the Ministry of Public Security jointly released the Provisions on the Security Assessment of Internet-based Information Services with Attribute of Public Opinions or Capable of Social Mobilisation, clearly stating the goal of strengthening the security management of internet-based information services and the relevant new technologies and new applications and regulating internet-based information service activities, and safeguarding national security.
ii Internet-delivered video content
An entity that intends to provide internet audio and video programme-related services shall obtain a permit for audio and video programmes transmitted through an information network issued by the competent radio and television authority, or go through the formalities for registration in accordance with the provisions of these regulations. Article 6 of the Provisions for the Administration of Online Audio and Video Information Services published in November 2019 affirmed this qualification/permit requirement.
As internet access is very common in China and because of technology development, ICPs pay great attention to the protection of their contents' copyright. ICPs may include large platforms providing audio and video content to consumers, or personal media. ICPs take technical measures to prevent copyright infringement. More and more lawsuits related to the right of communication through the information network (a subclass of copyright under the Copyright Law of China) are being filed to fight against the unauthorised use, reproduction or transmission of internet contents. The amount of compensation being awarded in these types of cases is getting higher, especially in judgments of the intellectual property courts in Beijing, Shanghai and Guangzhou that focus on the protection of copyright ownership of internet content.
The year in review
With the rapid development of technology, telecommunication, internet and data business often overlap and this makes it difficult for regulators to create clear definitions of each. The MIIT that regulates both telecommunication and data in the past year put more effort into supervising the thriving business of data and issued the Guidelines for the Construction of Data Security Standard System in the Telecommunications and Internet Industries (Draft for Comments) in August 2020. Similarly, the Cyberspace Administration of China (CAC) together with 12 other bureaus, jointly issued the Measures for Cybersecurity Review in 2020, aiming to implemented Article 59 of the National Security Law and Article 35 the Cyber Security Law and protect national security, in particular, the security of the supply chain of critical information infrastructure. In addressing some doubts and questions from foreign investors, the spokesperson of CAC stated that the Measures for Cybersecurity Review are not intended to restrict or discriminate against foreign products or services as China will continue to embrace the opening-up policy.
The legislature is also working on establishing China's data and privacy structure. On 28 May 2020, the 13th National People's Congress passed China's first-ever Civil Code, incorporating an individual chapter of privacy rights and personal information protection that stipulates the definitions, principles, rights and responsibilities regarding personal information. The Civil Code is expected to be a milestone in the establishment of China's data and personal information protection system. Specific rules for data and privacy protection were improved. Three years after taking effect, China updated the GB/T 35273 Information Security Technology – Personal Information Security Specification in 2020.
While the Civil Code was promulgated, the Standing Committee of the National People's Congress announced the legislative plan of the Personal Information Protection Law and the Data Security Law. The first draft of Data Security Law was released in July 2020. Once promulgated, the Data Security Law is expected to be the fundamental legislation in data security and form China's data regulatory system together with the existing Cyber Security Law and the forthcoming Personal Information Protection Law.
Conclusions and outlook
To fulfil China's commitments to the World Trade Organization, we believe that the VATS market will gradually become more open to foreign investors, even though foreign investment is still likely to be restricted or prohibited in internet content services and the media (including emerging platforms).
In the age of big data, China has seen continuing progress towards legislation to protect personal information and increasing law enforcement in this field ever since the Cyber Security Law came into effect. A number of rules and measures accompanying the Cyber Security Law have also been released, although more are expected to be published in the future. These are likely to include legislation such as the Personal Information Protection Law and the Data Security Law as well as administrative measures regarding cross-border data transfer, which will be of critical interest to foreign investors doing TMT business with China.
1 Jihong Chen is an equity partner at Zhong Lun Law Firm.