Reed Smith Client Alerts

On November 1, 2018, China’s new “Regulation on the Internet Security Supervision and Inspection by Public Security Organs” (公安机关互联网安全监督检查规定) will take effect. Passed by China’s Public Ministry of Public Security (MPS) on September 30, 2018, it is the latest regulation that implements China’s Cybersecurity Law (CSL), which took effect in June last year. The regulation sets forth guidance and procedures for how China’s Public Security Bureaus (PSBs) conduct cybersecurity inspections of businesses providing or using Internet services in China. The regulation gives PSBs broad authority over cybersecurity inspections and is anticipated to pave the way for enforcement measures in the future. Considering the likely overlap between the regulation and other MPS regulations aiming to implement the CSL, further guidance is expected to clarify how these different implementing regulations interact with each other.

Authors: Danielle Liebl

Keyboard with Chinese characters

China’s new cybersecurity inspection regulation

Scope and applicability. The regulation allows PSBs to conduct cybersecurity inspection on four types of Internet service providers and network-using entities (联网使用单位): 

  • Providers of Internet, data centers, content distribution and domain name services;
  • Providers of Internet information services; 
  • Providers of public Internet access (such as Internet cafés); and
  • Providers of other Internet services, which will be determined at the PSBs’ discretion.

PSBs are granted considerable discretion to determine whether the regulation applies to a specific business. Notably, the regulation is silent on what constitutes Internet service providers and network-using entities, the latter of which was defined in a 1997 MPS regulation as entities connected to the Internet that are required to register with the local PSB. Arguably, these two types of entities would also be deemed network operators under the CSL, defined to mean “owners, operators, and service providers of computer networks,” and further subject to various obligations imposed by the CSL.