China issues new cybersecurity review measures

Journal of Investment Compliance Pub Date : 2021-04-01 DOI:10.1108/JOIC-10-2020-0039

L. Ross, Kenneth Zhou

{"title":"China issues new cybersecurity review measures","authors":"L. Ross, Kenneth Zhou","doi":"10.1108/JOIC-10-2020-0039","DOIUrl":null,"url":null,"abstract":"\nPurpose\nTo describe and analyze the implications of the new Measures (the “Measures”) for Cybersecurity Review jointly promulgated on April 27, 2020 by twelve Chinese government departments led by the Cyberspace Administration of China (CAC).\n\n\nDesign/methodology/approach\nDefines the scope of the Measures, explains the functions and obligations of critical information infrastructure operators (each, a CIIO), outlines the self-assessment and cybersecurity review process and discusses the implications of the Measures for foreign companies doing business in China.\n\n\nFindings\nThe Measures impose an obligation on CII operators to apply for a cybersecurity review when they intend to procure network products and services that present or may present a national security concern. Such review will focus not only on national security and data leakage concerns, but also on supply-chain security concerns. The cybersecurity review will likely further the decoupling between China and the US.\n\n\nPractical implications\nWhile the Measures are not formally intended to discriminate against foreign products and services, the promulgation of the Measures will have a significant impact on foreign companies that supply network products or services to CII operators in China.\n\n\nOriginality/value\nPractical guidance from lawyers with extensive experience in advising Chinese, US, European and other companies on laws and regulations related to competition, cross-border investments, joint ventures, strategic alliances and international trade matters.\n","PeriodicalId":399186,"journal":{"name":"Journal of Investment Compliance","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Investment Compliance","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/JOIC-10-2020-0039","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Purpose To describe and analyze the implications of the new Measures (the “Measures”) for Cybersecurity Review jointly promulgated on April 27, 2020 by twelve Chinese government departments led by the Cyberspace Administration of China (CAC). Design/methodology/approach Defines the scope of the Measures, explains the functions and obligations of critical information infrastructure operators (each, a CIIO), outlines the self-assessment and cybersecurity review process and discusses the implications of the Measures for foreign companies doing business in China. Findings The Measures impose an obligation on CII operators to apply for a cybersecurity review when they intend to procure network products and services that present or may present a national security concern. Such review will focus not only on national security and data leakage concerns, but also on supply-chain security concerns. The cybersecurity review will likely further the decoupling between China and the US. Practical implications While the Measures are not formally intended to discriminate against foreign products and services, the promulgation of the Measures will have a significant impact on foreign companies that supply network products or services to CII operators in China. Originality/value Practical guidance from lawyers with extensive experience in advising Chinese, US, European and other companies on laws and regulations related to competition, cross-border investments, joint ventures, strategic alliances and international trade matters.

查看原文本刊更多论文

中国发布新的网络安全审查措施

目的描述和分析2020年4月27日由中国国家互联网信息办公室(CAC)领导的十二个政府部门联合发布的新《网络安全审查办法》(以下简称《办法》)的影响。设计/方法/方法定义《办法》的范围，解释关键信息基础设施运营者(每个CIIO)的职能和义务，概述自我评估和网络安全审查流程，并讨论《办法》对在华经营的外国公司的影响。《办法》规定，当CII运营商打算采购存在或可能存在国家安全问题的网络产品和服务时，有义务申请网络安全审查。这种审查不仅关注国家安全和数据泄露问题，还将关注供应链安全问题。网络安全审查可能会进一步推动中美之间的脱钩。虽然《办法》的正式意图并非歧视外国产品和服务，但《办法》的颁布将对向在华CII运营商提供网络产品或服务的外国公司产生重大影响。创意/价值在为中国、美国、欧洲和其他国家的公司提供与竞争、跨境投资、合资、战略联盟和国际贸易相关的法律法规方面具有丰富经验的律师提供实用的指导。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Investment Compliance

自引率

0.00%

发文量