ISSUING AUTHORITY:

Cyberspace Administration of China

DATE OF ISSUANCE:

March 28, 2025

On March 28, 2025, Cyberspace Administration of China released the Cybersecurity Law (Revised Draft for Further Public Consultation) (“Revised Draft”), aims to align with stricter data regulations under the Data Security Law to address growing digital risks.

The Revised Draft increases penalties for critical infrastructure data breaches/system failures and non-compliant equipment providers, punishes the failure to remove illegal content with higher fines, tightens personal/cross-border data protections, and offers incentives for proactive correction of minor violations.

The Revised Draft underscores China’s focus on bolstering national security and public trust amid rapid digital transformation. By harmonizing penalties with existing laws, the Revised Draft reinforces corporate accountability while promoting compliance.

It also signals stricter oversight of critical infrastructure and global data flows, reflecting global cybersecurity trends. Multinational firms and tech operators should anticipate heightened compliance demands as China prioritizes data sovereignty and systemic resilience.

Reference:

关于公开征求《中华人民共和国网络安全法（修正草案再次征求意见稿）》意见的通知