下面是小编为大家整理的【中英文对照版】网络安全审查办法(2021),供大家参考。
1 网络安全审查办法(2021) Measures for Cybersecurity Review (2021) 【中英文对照版】
发布部门:国家互联网信息办公室 国家发展和改革委员会(含原国家发展计划委员会、原国家计划委员会) 工业和信息化部 公安部 国家安全部 财政部 商务部 中国人民银行 国家市场监督管理总局 国家广播电视总局 中国证券监督管理委员会 国家保密局 国家密码管理局
发文字号:国家互联网信息办公室、中华人民共和国国家发展和改革委员会、中华人民共和国工业和信息化部、中华人民共和国公安部、中华人民共和国国家安全部、中华人民共和国财政部、中华人民共和国商务部、中国人民银行、国家市场监督管理总局、国家广播电视总局、中国证券监督管理委员会、国家保密局、国家密码管理局令第8号 发布日期:2021.12.28
实施日期:2022.02.15 效力级别:部门规章
法规类别:网络安全管理 Issuing Authority :
Cyberspace Administration of China State Development & Reform Commission (incl. former State Development Planning Commission) Ministry of Industry & Information Technology Ministry of Public Security Ministry of State Security Ministry of Finance Ministry of Commerce People"s Bank of China State Administration for Market Regulation National Radio and Television Administration China Securities Regulatory Commission State Secrets Bureau State Encryption Administration
Document Number :Order No. 8 of the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the Ministry of State Security, the Ministry of Finance, the Ministry of Commerce, the People"s Bank of China, the State Administration for Market Regulation, the National Radio and Television Administration, the National Administration of State Secrets Protection, and the State Cryptography Administration
Date Issued :12-28-2021
Effective Date :02-15-2022
Level of Authority :
Departmental Rules Area of Law :
Network Security Management Order of the Cyberspace Administration of China, the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the Ministry of State Security, the Ministry of Finance, the Ministry of Commerce, the People"s Bank of China, the State Administration for Market Regulation, the National Radio and Television Administration, the National Administration of State Secrets Protection, and the State Cryptography Administration 国家互联网信息办公室、中华人民共和国国家发展和改革委员会、中华人民共和国工业和信息化部、中华人民共和国公安部、中华人民共和国国家安全部、中华人民共和国财政部、中华人民共和国商务部、中国人民银行、国家市场监督管理总局、国家广播电视总局、中国证券监督管理委员会、国家保密局、国家密码管理局令
(No. 8) (第 8 号)
The Measures for Cybersecurity Review, as deliberated 《网络安全审查办法》已经
2 and adopted at the 20th executive meeting of the Cyberspace Administration of China on November 16, 2021, and with the approval of the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the Ministry of State Security, the Ministry of Finance, the Ministry of Commerce, the People"s Bank of China, the State Administration for Market Regulation, the National Radio and Television Administration, the China Securities Regulatory Commission, the National Administration of State Secrets Protection, and the State Cryptography Administration, are hereby issued and shall come into force on February 15, 2022. 2021 年 11 月 16 日国家互联网信息办公室 2021 年第 20 次室务会议审议通过,并经国家发展和改革委员会、工业和信息化部、公安部、国家安全部、财政部、商务部、中国人民银行、国家市场监督管理总局、国家广播电视总局、中国证券监督管理委员会、国家保密局、国家密码管理局同意,现予公布,自 2022 年2 月 15 日起施行。
Zhuang Rongwen, Director of the Cyberspace Administration of China 国家互联网信息办公室主任 庄荣文
He Lifeng, Director of the National Development and Reform Commission 国家发展和改革委员会主任 何立峰
Xiao Yaqing, Minister of Industry and Information Technology 工业和信息化部部长 肖亚庆
Zhao Kezhi, Minister of Public Security 公安部部长 赵克志
Chen Wenqing, Minister of State Security 国家安全部部长 陈文清
Liu Kun, Minister of Finance 财政部部长 刘 昆
Wang Wentao, Minister of Commerce 商务部部长 王文涛
Yi Gang, Governor of the People"s Bank of China 中国人民银行行长 易 纲
Zhang Gong, Head of the State Administration for Market Regulation 国家市场监督管理总局局长 张 工
Nie Chenxi, Head of the National Radio and Television Administration 国家广播电视总局局长 聂辰席
Yi Huiman, Chairman of the China Securities Regulatory Commission 中国证券监督管理委员会主席 易会满
Li Zhaozong, Head of the National Administration of State Secrets Protection 国家保密局局长 李兆宗
Liu Dongfang, Head of the State Cryptography Administration 国家密码管理局局长 刘东方
3
December 28, 2021 2021 年 12 月 28 日
Measures for Cybersecurity Review 网络安全审查办法
Article 1 In accordance with the National Security Law of the People"s Republic of China and the Cybersecurity Law of the People"s Republic of China, the Data Security Law of the People"s Republic of China, and the Regulation on Protecting the Security of Critical Information Infrastructure, these Measures are developed for purposes of ensuring the security of the supply chain of critical information infrastructure, cybersecurity and data security and safeguarding national security.
第一条 为了确保关键信息基础设施供应链安全,保障网络安全和数据安全,维护国家安全,根据《中华人民共和国国家安全法》、《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《关键信息基础设施安全保护条例》,制定本办法。
Article 2 If a critical information infrastructure operator purchases network products and services or an online platform operator conducts data processing, either of which affects or may affect national security, a cybersecurity review shall be carried out according to these Measures.
第二条 关键信息基础设施运营者采购网络产品和服务,网络平台运营者开展数据处理活动,影响或者可能影响国家安全的,应当按照本办法进行网络安全审查。
Key information infrastructure operators and online platform operators specified in the preceding paragraph are collectively referred to as the parties. 前款规定的关键信息基础设施运营者、网络平台运营者统称为当事人。
Article 3 For cybersecurity review, the focus shall be on the combination of preventing network security risks and promoting the application of advanced technologies, the combination of process fairness and transparency and intellectual property protection, the combination of ex-ante review and ongoing supervision, and the combination of enterprise commitment and social supervision. Such review shall be conducted from the aspects of, among other factors, the security of products and services and data processing activities, and the possible national security risks.
第三条 网络安全审查坚持防范网络安全风险与促进先进技术应用相结合、过程公正透明与知识产权保护相结合、事前审查与持续监管相结合、企业承诺与社会监督相结合,从产品和服务以及数据处理活动安全性、可能带来的国家安全风险等方面进行审查。
4 Article 4 Under the leadership of the Central Cyberspace Affairs Commission, the Cyberspace Administration of China shall establish a national working mechanism for cybersecurity reviews in conjunction with the National Development and Reform Commission, the Ministry of Industry and Information Technology, the Ministry of Public Security, the Ministry of State Security, the Ministry of Finance, the Ministry of Commerce, the People"s Bank of China, the State Administration for Market Regulation, the National Radio and Television Administration, China Securities Regulatory Commission, the National Administration of State Secrets Protection, and the State Cryptography Administration.
第四条 在中央网络安全和信息化委员会领导下,国家互联网信息办公室会同中华人民共和国国家发展和改革委员会、中华人民共和国工业和信息化部、中华人民共和国公安部、中华人民共和国国家安全部、中华人民共和国财政部、中华人民共和国商务部、中国人民银行、国家市场监督管理总局、国家广播电视总局、中国证券监督管理委员会、国家保密局、国家密码管理局建立国家网络安全审查工作机制。
The Cybersecurity Review Office shall be based in the Cyberspace Administration of China, and shall be responsible for formulating cybersecurity review systems and standards and organizing cybersecurity reviews. 网络安全审查办公室设在国家互联网信息办公室,负责制定网络安全审查相关制度规范,组织网络安全审查。
Article 5 If a key information infrastructure operator purchases network products and services, it shall anticipate the potential national security risks that may arise from the use of such products and services. Those that affect or may affect national security shall be reported to the Cybersecurity Review Office for cybersecurity review.
第五条 关键信息基础设施运营者采购网络产品和服务的,应当预判该产品和服务投入使用后可能带来的国家安全风险。影响或者可能影响国家安全的,应当向网络安全审查办公室申报网络安全审查。
The department for the security protection of critical information infrastructure may develop guidelines for the anticipation of its own industry or field. 关键信息基础设施安全保护工作部门可以制定本行业、本领域预判指南。
Article 6 For the purchasing activities subject to applying for cybersecurity reviews, critical information infrastructure operators shall, through purchase documents and agreements, require product and service providers to cooperate with cybersecurity reviews, including the commitments not to use their convenience of providing products and services to illegally obtain user data or control and manipulate user equipment and not to interrupt product supply or necessary technical support without justifiable grounds.
第六条 对于申报网络安全审查的采购活动,关键信息基础设施运营者应当通过采购文件、协议等要求产品和服务提供者配合网络安全审查,包括承诺不利用提供产品和服务的便利条件非法获取用户数据、非法控制和操纵用户设备,无正当理由不中断产品供应或者必要的技术支持服
5 务等。
Article 7 An online platform operator who have more than 1 million users" personal information must report to the Cybersecurity Review Office for cybersecurity review when going public abroad.
第七条 掌握超过 100 万用户个人信息的网络平台运营者赴国外上市,必须向网络安全审查办公室申报网...