New Cybersecurity Law in China November 2024

The first cybersecurity law was passed in China on November 7, 2016.

What effects will China’s Cybersecurity Law have on the industry and domestic Internet companies in particular?

Below is waht Cybersecurity Law regulates :

companies that build, maintain the Internet or provide service through the Internet shall follow laws and administrative regulations as well as mandatory requirements set by the state’s standards. They shall take technical and other necessary measures to ensure the Internet is functioning safely and stably, handle cybersecurity incidents effectively, prevent cyber criminal activities, and maintain the integrity, secrecy and usability of Internet data.

Internet companies are required to “monitor and log the operational status of the network.” Earlier in April this year, more than 20 companies that provide live-streaming services signed self-disciplinary agreements for content regulation, which require user-generated content be stored for at least 15 days. Under the new cybersecurity law, that is far from enough. According to Article 21, Internet logs and relevant data shall be “stored for at least six months.”

While it is legitimate to ask Internet companies to safeguard Internet users against potential cyber attacks and cybersecurity threats, the data storage requirement puts extra, if not unreasonable, burdens on small-sized companies. This is also especially challenging for multimedia sharing companies or social media platforms with a large amount of users uploading pictures and videos every second. The math is simple: the longer a company needs to store its data and user content, the more bandwidth and storage room it needs, and the more it needs to pay for those products.

Second, according to Article 50, all Internet companies are required to stop the dissemination of illegal content and comply with relevant laws and regulations on online information control.