Key takeaways

• On November 7, 2016, the Standing Committee of the National People’s Congress of China adopted the Network Security Law, which will come into force on June 1, 2017. The country’s first-ever law devoted solely to cybersecurity codifies a variety of cyber-crimes such as illegally obtaining or selling personal information, disseminating malicious software or “prohibited information,” and online fraud. 
• It also imposes obligations on “Network Operators” with regard to the protection of personal information, content monitoring for “prohibited information,” and cooperation with the authorities. 
• The Law also imposes additional data localization, data transfer restrictions, and cybersecurity obligations on “Critical Information Infrastructure Operators”.
• Further, it envisions pre-approval of “critical network equipment” and “specialized cyber-security products” and security screening for “network products or services.”