Chapter 2 Interpretation of the Cybersecurity Law

This chapter introduces the main contents of the Cybersecurity Law, and with reference to the

Law on Administrative Penalties for Public Security and the Criminal Law, providing an interpretation of the main articles to facilitate a general understanding and application of the Cybersecurity Law.

The objects of the Cybersecurity Law include network^[3] operators, network service providers, network platform, national management, law enforcement agencies, organizations and related organizations related to cybersecurity, and the vast number of netizens.

The scope of the Cybersecurity Law covers network operation security and network data(includes information) security, with the following refinements.

Firstly, cyberspace sovereignty, including domestic jurisdiction rights, independence rights, self-defense rights, inter-dependence sovereignty; jurisdiction rights over foreign attacks, including defense against cyberattacks, punishment against cybercrimes, diplomatic sanctions and asset freezing. Secondly, it establishes the national cybersecurity classified protection system. Thirdly, it clarifies the requirements of critical information infrastructure protection and cross-border transfer requirements for critical data relating to critical information infrastructure. Fourthly, it determines the responsibilities and obligations of network operators, network products and service providers. Fifthly, it safeguards of network information security and personal information. Sixthly, it is on important measures such as supervision, early warning, and emergency handling.