At the end of 2018, the grace period for implementing the new Chinese Cybersecurity regulations will expire. ECOVIS Beijing explains which sanctions can be imposed for violations.
At the end of 2018, the grace period for implementing the new Chinese Cybersecurity regulations will expire and since 1 May 2018, new data protection standards are in place.
In order, to ensure compliance with recently adapted and clarified standards, the government also intends to sanction non-compliant companies. The following table shows several sanctions which are imposed for violations. In addition to the depicted sanctions, there are furthermore or less severe penalties. These range from a warning, the loss of the right to operate in China, to a 15-day detention.
SANCTIONS FOR VIOLATING THE CYBERSECURITY LAW
The Cyber Security Law includes sanctions for various violations, including insufficient network security and non-compliance with administrative requests. A list of the respective violations and sanctions is outlined below:
|Deficient protection of network security (Art. 59)||Fine from 10.000 to 50.000 CNY|
|Ineffective methods of removing a product or non-compliant services (Art. 60)||Fine from 50.000 to 500.000 CNY|
|Not taking measures against customers or users with false ID-information (Art. 61)||Fine from 50.000 to 500.000 CNY; temporary business closure; closing of websites; revocation of business licenses|
|Violation of personal data (Art. 64)||Confiscation of illegally gained revenue and a fine of one to ten times as high as the gains; or a fine up to 1 million CNY|
|Illegal transfer of personal data (Art. 68)||Fine from 50.000 to 500.000 CNY; temporary shut down of the business; closing of all websites; loss of business licenses|
Although the Cybersecurity law is enforced since the 1st June of 2017, companies have time to adapt to the new regulations until 31 December 2018. The main focus of the law lies on large-scale state-owned enterprises and companies which accept users who publish false information on their platform. By doing this, the Chinese government also does not hesitate to punish larger and well- known companies. The most famous recent case was that of Alibaba which cloud-service activity was investigated.
ADVICE FROM ECOCIS BEIJING
Even though Chinese authorities have so far focused on large corporations and eye-catching incidents, small companies and foreign SMEs must not be complacent about regulatory risks.
ECOVIS Beijing can provide you with a cybersecurity health check. We can verify if the website provider has qualified licenses or whether it qualifies for online payments.
It is also possible to assess the cybersecurity of online trading or the security of the payment process. Furthermore, we review the lawfulness of the collection of personal information or the process of collecting, transmitting or storing data. Finally, we can evaluate whether the public and/or corporate server complies with the law.
If you want to learn more about EU General Data Protection Regulation, you can watch our presentation VIDEO given by Mr.Hoffmann.
If you have further questions about cybersecurity in China, feel free to contact email@example.com at any time.
Richard Hoffmann is a partner at ECOVIS Beijing China. Richard obtained an honors degree in law and worked in Germany, the United States, and China for various prestigious law firms prior to joining ECOVIS. In addition to being a member of the board of ECOVIS International, he is Supervisor for the China business of a respected German company and shares his extensive knowledge to students by teaching commercial law in China at SRH Hochschule Heidelberg. He has published more than fifty articles in international magazines, frequently speaks at high profile events in China and abroad and is often invited as a legal expert by international TV stations. Contact: firstname.lastname@example.org.
Ecovis Beijing is the trusted tax and legal advisor to several embassies and official institutions in China. It specializes in mid-sized international companies and is focused on tax & legal advisory, accounting and auditing. If you’re interested in finding out more about tax and legal, don’t hesitate to sign up for our Newsletter, give us a call +86 10-65616609 or contact us directly via email@example.com.