Update: China Releases New Draft Regulations Regarding Cyber Security of Online Services and Products

After adopting the first Cyber Security Law in November 2016, China is coming up with new regulations for the risk and quality evaluation of online products and services.

On 4 February, the Cyberspace Administration of China (CAC) released draft regulations regarding the security of online products and services. The new cyber security service focuses on preventing products and services from being manipulated by foreign forces, as well as protecting party organs, government departments, and key industries from national security threats.  

The“Measures for the Security Review of Network Products and Services” draft regulations include a security inspection focusing on security and controllability for online products and services. The regulation is designed to find loopholes in products, their supply chains, and the enterprises‘ background. Besides loopholes, the security service scrutinizes products and services to prevent manipulation, interference, interruption of services, piracy, and theft of key elements.

Among the industries mainly affected, are finance, telecommunication, and the energy sector. 

Under this new regulation, the government and key industries would not be allowed to purchase products and services that have not passed the security inspection.

With these rules, the cyberspace security administration in China will be taken to the national level. The new law indicates that the CAC will work closely with other important government departments together to set up an Online Security Inspection Council , which will also supervise the controllability of commercial satellites, hydropower monitoring software, and electronic payment systems.

If you want to learn more about EU General Data Protection Regulation, you can watch our presentation VIDEO given by Mr.Hoffmann.

Furthermore, the CAC is seeking for public’s opinion and the draft is open for public comments until March 4th. Interested parties can send their comments and remarks by mail to the following address:


State Internet Information Office Network Security Coordination Bureau,

Beijing City, Dongcheng District, Chaoyang Nei Avenue No 225, 100010

and indicate “solicited comments” on the outside of the envelope;

Or send an e-mail directly to the Cyberspace Administration of China: zhangheng@cac.gov.cn

The estimated implementation of the regulation will be June 2017.

For further information continue reading about similar topics as Sticks and Stones for Foreign Business: The second draft for China’s Cyber Security Law is out.

 Richard2017 150x225   Richard Hoffmann

Richard Hoffmann is a partner at ECOVIS Beijing China. Richard obtained an honors degree in law and worked in Germany, the United States, and China for various prestigious law firms prior to joining ECOVIS. In addition to being a member of the board of ECOVIS International, he is Supervisor for the China business of a respected German company and shares his extensive knowledge to students by teaching commercial law in China at SRH Hochschule Heidelberg. He has published more than fifty articles in international magazines, frequently speaks at high profile events in China and abroad and is often invited as a legal expert by international TV stations. Contact: richard.hoffmann@ecovis-beijing.com


Ecovis Beijing is the trusted tax and legal advisor to several embassies and official institutions in China. It specializes in mid-sized international companies and is focused on tax & legal advisory, accounting and auditing. If you’re interested in finding out more about tax and legal, don’t hesitate to sign up for our Newsletter, give us a call +86 (10) 6561 6609 or contact us directly via service@ecovis-beijing.com