(2021Year6month10Adopted at the 29th meeting of the Standing Committee of the 13th National People's Congress on July 1)
Chapter 1 General Provisions
Article 1 To regulate data processing activities,Ensure data security,Promote data development and utilization,Protect individuals、Organization’s legitimate rights and interests,Safeguard national sovereignty、Security and development interests,Enact this law。
Article 2: Data processing activities and security supervision within the territory of the People’s Republic of China,This law applies。
Carrying out data processing activities outside the People’s Republic of China,Undermining the national security of the People's Republic of China、Public interest or citizenship、Organization’s legitimate rights and interests,Pursuing legal responsibility according to law。
Article 3 Data as referred to in this Law,Refers to any electronic or other record of information。
Data processing,Includes collection of data、Storage、Use、Processing、Transmission、Provided、Public etc.。
Data Security,refers to taking necessary measures,Ensure that data is effectively protected and used legally,And the ability to ensure a continued security state。
Article 4: Maintain data security,We should adhere to the overall national security concept,Establish and improve the data security governance system,Improve data security capabilities。
Article 5: The central national security leadership agency is responsible for the decision-making and coordination of national data security work,Research and Development、Guide the implementation of the national data security strategy and related major policies,Coordinate major matters and important work of national data security,Establishing a national data security work coordination mechanism。
Article 6: Regions、Each department’s response to the region、Responsible for the data collected and generated during the work of this department and its security。
Industrial、Telecom、Transportation、Finance、Natural resources、Health and Health、Education、Science and technology and other competent departments are responsible for this industry、Data security supervision responsibilities in this field。
Public security agency、National security agencies, etc. shall comply with this Law and relevant laws、Provisions of administrative regulations,Be responsible for data security supervision within their respective scope of responsibilities。
The national cybersecurity and informatization department shall comply with this Law and relevant laws、Provisions of administrative regulations,Responsible for coordinating network data security and related supervision work。
Article 7: The state protects individuals、Organization’s rights and interests related to data,Encourage the reasonable and effective use of data in accordance with the law,Ensure the orderly and free flow of data in accordance with the law,Promote the development of a digital economy with data as a key element。
Article 8: Carrying out data processing activities,Should abide by the law、Regulations,Respect social morality and ethics,Abide by business ethics and professional ethics,Honest and trustworthy,Perform data security protection obligations,Undertake social responsibility,Must not endanger national security、Public interest,No harm to individuals、Organization’s legitimate rights and interests。
Article 9: The state supports the promotion and popularization of data security knowledge,Improve the awareness and level of data security protection in the whole society,Promote relevant departments、Industry organization、Scientific research institution、Enterprise、Individuals and others jointly participate in data security protection work,Form a good environment where the whole society jointly maintains data security and promotes development。
Article 10: Relevant industry organizations shall comply with the charter,Formulate data security code of conduct and group standards in accordance with the law,Strengthen industry self-discipline,Guide members to strengthen data security protection,Improving the level of data security protection,Promote the healthy development of the industry。
Article 11: The state actively carries out data security governance、International exchanges and cooperation in the fields of data development and utilization,Participate in the formulation of international rules and standards related to data security,Promote cross-border data security、Free flow。
Article 12 Any individual、Organizations have the right to complain to the m88 best betting websiterelevant competent authorities m88 live casino gamesfor violations of this law、Report。Complaint received、The reporting department shall handle it promptly and in accordance with the law。
m88 best betting websiterelevant competent authorities should respond to complaints、Relevant information of the whistleblower will be kept confidential,Protection Complaint、Legitimate rights and interests of whistleblowers。
Chapter 2 Data Security and Development
Article 13: National Coordination of Development and Security,Insist on promoting data security through data development and utilization and industrial development,Guarantee data development, utilization and industrial development with data security。
Article 14: National implementation of big data strategy,Promote the construction of data infrastructure,Encourage and support data in all industries、Innovative applications in various fields。
People’s governments at or above the provincial level should incorporate digital economic development into their national economic and social development plans,And formulate a digital economy development plan as needed。
Article 15: The state supports the development and utilization of data to improve the intelligence level of public services。Provide intelligent public services,The elderly should be given full consideration、Needs of persons with disabilities,Avoid treating the elderly、Disabled people’s daily life creates obstacles。
Article 16: The state supports data development and utilization and data security technology research,Encourage technology promotion and business innovation in areas such as data development and utilization and data security,Nurture、Develop data development and utilization and data security products、Industrial system。
Article 17: The state promotes the construction of data development and utilization technology and data security standard system。The standardization administrative department of the State Council and the relevant departments of the State Council according to their respective responsibilities,Organize the development and timely revision of relevant data development and utilization technologies、Standards related to product and data security。State-supported enterprise、Social groups and education、Scientific research institutions and others participate in the formulation of standards。
Article 18: The state promotes data security testing and evaluation、The development of certification and other services,Support data security detection and assessment、Professional organizations such as certification carry out service activities in accordance with the law。
State supports relevant departments、Industry organization、Enterprise、Educational and scientific research institutions、Relevant professional organizations are waiting for data security risk assessment、Precaution、Collaboration in disposal and other aspects。
Article 19: The state establishes and improves a data transaction management system,Standardize data transaction behavior,Cultivation of data trading market。
Article 20 State Support for Education、Scientific research institutions and enterprises carry out education and training related to data development and utilization technology and data security,Adopt various methods to cultivate data development and utilization technology and data security professionals,Promote talent exchange。
Chapter 3 Data Security System
Article 21: The state establishes a data classification and hierarchical protection system,According to the importance of data in economic and social development,And once tampered with、Destruction、Leaked or illegally obtained、Illegal use,For national security、Public interest or personal、The degree of harm caused to the organization’s legitimate rights and interests,Implement classified and hierarchical protection of data。The national data security coordination mechanism coordinates relevant departments to formulate important data catalogs,Strengthen the protection of important data。
Related to national security、The lifeblood of the national economy、Important people’s livelihood、Data on major public interests and other data are national core data,Implement a stricter management system。
Regions、Each department should follow the data classification and hierarchical protection system,Confirm this region、This department and related industries、Specific directory of important data in the field,Enter key protection for cataloged data。
Article 22: The establishment of centralized unity of the country、Efficient and authoritative data security risk assessment、Report、Information Sharing、Monitoring and early warning mechanism。The national data security coordination mechanism coordinates relevant departments to strengthen the acquisition of data security risk information、Analysis、Research and Judgment、Early warning work。
Article 23: The state establishes a data security emergency response mechanism。A data security incident occurred,m88 best betting websiterelevant competent authorities should activate emergency plans in accordance with the law,Take corresponding emergency measures,Prevent the expansion of harm,m88 online bettingEliminate safety hazards,And promptly release public-related warning information to the society。
m88 slot machine casinoArticle 24: The state establishes a data security review system,Conduct a national security review of data processing activities that affect or may affect national security。
The security review decision made in accordance with the law is final.
Article 25 The state shall safeguard national security and interests、Data belonging to controlled items related to the fulfillment of international obligations shall be exported in accordance with the law。
Article 26 Investments by any country or region related to data and data development and utilization technology、Discriminatory prohibitions against the People’s Republic of China in trade and other aspects、Restrictions or other similar measures,The People’s Republic of China may take reciprocal measures against the country or region based on the actual situation。
Chapter 4 Data Security Protection Obligations
Article 27 Data processing activities shall be carried out in accordance with the law、Provisions of regulations,Establish and improve the full-process data security management system,Organize data security education and training,Take corresponding technical measures and other necessary measures,Ensure data security。Use the Internet and other information networks to carry out data processing activities,Should be based on the network security level protection system,Perform the above data security protection obligations。
Processors of important data should clearly identify the person in charge of data security and the management organization,Implement data security protection responsibilities。
Article 28: Carry out data processing activities and research and develop new data technologies,Should be conducive to promoting economic and social development,Promote people’s well-being,Conforming to social morality and ethics。
Article 29 Risk monitoring shall be strengthened when carrying out data processing activities,Data security flaw found、When there are risks such as vulnerabilities,Remedial measures should be taken immediately;When a data security incident occurs,Disposal measures should be taken immediately,Inform users promptly and report to relevant authorities in accordance with regulations。
Article 30: Processors of important data shall conduct regular risk assessments of their data processing activities in accordance with regulations,And submit a risk assessment report to the m88 best betting websiterelevant competent authorities。
The risk assessment report should include the types of important data processed、Quantity,Instances of carrying out data processing activities,Data security risks and countermeasures, etc.。
Article 31: Outbound security management of important data collected and generated by operators of critical information infrastructure during operations within the territory of the People’s Republic of China,The provisions of the "Cybersecurity Law of the People's Republic of China" apply;Measures for the outbound security management of important data collected and generated by other data processors during their operations within the territory of the People’s Republic of China,Developed by the national cybersecurity and informatization department in conjunction with relevant departments of the State Council。
Article 32 Any organization、Personally collected data,Should be adopted legally、The right way,Do not steal or obtain data in other illegal ways。
Law、Administrative regulations on collection、Purpose of using data、The scope is specified,should be in law、Collected within the purpose and scope specified in administrative regulations、Usage data。
Article 33: Services provided by institutions engaged in data transaction intermediary services,Data providers should be required to explain the source of the data,Verify the identities of both parties to the transaction,And keep it for review、Transaction record。
Article 34 Law、Administrative regulations stipulate that the provision of data processing-related services requires an administrative license,Service providers should obtain licenses in accordance with the law。
Article 35 Public Security Organs、National security agencies obtain data for the purpose of safeguarding national security or investigating crimes in accordance with the law,Should be in accordance with relevant national regulations,After strict approval procedures,Proceed in accordance with the law,Related organizations、Individuals should cooperate。
Article 36 International treaties concluded or acceded to by the competent authorities of the People’s Republic of China and the People’s Republic of China in accordance with relevant laws、Agreement,Or in accordance with the principle of equality and reciprocity,Processing requests for data from foreign judicial m88 online bettingor law enforcement agencies。Not approved by the competent authority of the People’s Republic of China,Domestic organizations、Individuals are not allowed to provide data stored in the People's Republic of China to foreign judicial or law enforcement agencies。
Chapter 5 Government Data Security and Openness
Article 37: The state vigorously promotes the construction of e-government,Improving the scientific m88 online bettingnature of government data、Accuracy、Timeliness,Improve the m88 best betting websiteability to use data to serve economic and social development。
Article 38: Collection required by state agencies to perform statutory duties、Usage data,Should be in accordance with the law within the scope of performing their statutory duties、Conducted in accordance with the conditions and procedures stipulated in administrative regulations;Personal privacy learned in the performance of duties、Personal information、Business Secret、Confidential business information and other data shall be kept confidential in accordance with the law,Do not disclose or illegally provide to others。
Article 39: State organs shall act in accordance with the law、Provisions of administrative regulations,Establish and improve the data security management system,Implement data security protection responsibilities,Guarantee the security of government data。
Article 40: State agencies entrust others with construction、Maintain e-government system,Storage、Processing government data,Should go through strict approval process,And shall supervise the trustee to perform corresponding data security protection obligations。The trustee shall comply with the law、Perform data security protection obligations in accordance with regulations and contracts,No unauthorized retention、Use、Leak or provide government data to others。
Article 41: State organs shall abide by justice、Fair、Principle of convenience,Timely as per regulations、Accurately disclose government data。Except those not allowed to be disclosed according to law。
Article 42: The state formulates an open catalog of government data,Building unified specifications、Interconnection、Secure and controllable open government data platform,Promote the open utilization of government data。
Article 43 Law、Organizations with the function of managing public affairs authorized by regulations to carry out data processing activities to perform legal duties,The provisions of this chapter apply。
Chapter 6 Legal Liability
Article 44: m88 best betting websiterelevant competent authorities in performing data security supervision responsibilities,Discover that data processing activities have significant security risks,Relevant organizations can be targeted according to the prescribed authority and procedures、Personal interview,And request relevant organizations、Individuals take measures to make corrections,Eliminate hidden dangers。
Article 45 Organizations that carry out data processing activities、Individual failure to perform Article 27 of this Law、Article 29、Data security protection obligations stipulated in Article 30,Ordered to make corrections by the m88 best betting websiterelevant competent authorities,Give warning,A fine of not less than 50,000 yuan but not more than 500,000 yuan may be imposed,The directly responsible person in charge and other directly responsible personnel may be fined not less than RMB 10,000 but not more than RMB 100,000;Refuse to correct or cause serious consequences such as massive data leakage,A fine of not less than 500,000 yuan but not more than 2 million yuan,And can order the suspension of relevant business、Closed for rectification、Revoke relevant business license or revoke business license,A fine of not less than RMB 50,000 but not more than RMB 200,000 shall be imposed on the directly responsible person in charge and other directly responsible personnel。
Violation of national core data management system,Endangering national sovereignty、Security and development interests,A fine of not less than RMB 2 million but not more than RMB 10 million shall be imposed by the m88 best betting websiterelevant competent authorities,And ordered to suspend relevant business according to the situation、Closed for rectification、Revoke relevant business license or revoke business license;Constituting a crime,Pursuing criminal responsibility according to law。
Article 46 Violation of Article 31 of this Law,Providing important data to overseas,Ordered to make corrections by the m88 best betting websiterelevant competent authorities,Give warning,A fine of not less than 100,000 yuan but not more m88 live casino and sports bettingthan 1 million yuan may be imposed,The directly responsible person in charge and other directly responsible personnel may be fined not less than RMB 10,000 but not more than RMB 100,000;Serious circumstances,A fine of not less than 1 million yuan but not more than 10 million yuan,And can order the suspension of relevant business、Closed for rectification、Revoke relevant business license or revoke business license,A fine of not less than RMB 100,000 but not more than RMB 1,000,000 shall be imposed on the directly responsible person in charge and other directly responsible persons。
Article 47: Institutions engaged in data transaction intermediary services fail to perform the obligations stipulated in Article 33 of this Law,Ordered to make corrections by the m88 best betting websiterelevant competent authorities,Confiscation of illegal gains,A fine of not less than one time but not more than ten times the illegal income,No illegal income or illegal income of less than 100,000 yuan,A fine of not less than 100,000 yuan but not more than 1 million yuan,And can order the suspension of relevant business、Closed for rectification、Revoke relevant business license or revoke business license;A fine of not less than RMB 10,000 but not more than RMB 100,000 shall be imposed on the directly responsible person in charge and other directly responsible persons。
Article 48 Violation of Article 35 of this Law,Refuses to cooperate with data retrieval,Ordered to make corrections by the m88 best betting websiterelevant competent authorities,Give warning,A fine of not less than RMB 50,000 but not more than RMB 500,000,A fine of not less than RMB 10,000 but not more than RMB 100,000 shall be imposed on the directly responsible person in charge and other directly responsible persons。
Violation of Article 36 of this Law,Providing data to foreign judicial m88 online bettingor law enforcement agencies without approval from the competent authority,Warning given by m88 best betting websiterelevant competent authorities,A fine of not less than 100,000 yuan but not more m88 live casino and sports bettingthan 1 million yuan may be imposed,The directly responsible person in charge and other directly responsible personnel may be fined not less than RMB 10,000 but not more than RMB 100,000;causing serious consequences,A fine of not less than one million yuan but not more than five million yuan,And can order the suspension of relevant business、Closed for rectification、Revoke relevant business license or revoke business license,A fine of not less than RMB 50,000 but not more than RMB 500,000 shall be imposed on the directly responsible person in charge and other directly responsible personnel。
Article 49: State agencies fail to perform data security protection obligations stipulated in this law,The directly responsible person in charge and other directly responsible personnel shall be punished in accordance with the law。
Article 50: National staff performing data security supervision duties neglect their duties、Abuse of power、Practice for personal gain,Punishment according to law。
Article 51: Stealing or obtaining data in other illegal ways,Exclusion from carrying out data processing activities、Restricting competition,Or harm an individual、Organization’s legitimate rights and interests,In accordance with relevant laws、Penalty stipulated in administrative regulations。
Article 52 Violation of the provisions of this law,Causing harm to others,Bear civil liability according to law。
Violation of the provisions of this law,Constituting violations of public security management,Public security management penalties in accordance with the law;Constituting a crime,Pursuing criminal responsibility according to law。
Chapter 7 Supplementary Provisions
Article 53: Carry out data processing activities involving state secrets,The "Law of the People's Republic of China on Safeguarding State Secrets" and other laws shall apply、Provisions of administrative regulations。
In statistics、Carry out data processing activities in archival work,Carry out data processing activities involving personal information,Should also comply with relevant laws、Provisions of administrative regulations。
Article 54 Measures for the Security Protection of Military Data,To be separately formulated by the Central Military Commission in accordance with this law。
Article 55 This Law Since2021Year9month1Effective from today.