Internet policy in China

I came across this on Twitter and thought it was an interesting thing to share with Western eyes. It's nearly impossible to get a straight answer on what is and is not allowed here in China regarding the Internet. We generally just know whether it works or not...

The original document is in Chinese and here's basically what it says:

公安部第82号令: 互联网安全保护技术措施规定

Ministry of Public Security Decree No. 82:

"Internet security protection technology measures required"
(December 13, 2005 Ministry of Public Security published)

Order to strengthen and standardize the first Internet security technology, prevention, protection of the Internet network security and information security, the promotion of the Internet healthy and orderly development, and safeguarding national security, social order and public interests, under the "Computer Information Network and the Internet Security Protection and Management Measures" , the enactment of this provision.
Article II The term Internet security protection of technical measures is to protect the Internet network security and information security, to prevent crimes of technical facilities and technical methods.
The third Internet service providers, network use the unit is responsible for the implementation of Internet security protection technology measures and Internet security protection of technical measures to protect the normal functioning.
Article IV Internet service providers, networking using units shall establish a corresponding management system. Without user consent shall not be disclosed, disclosure of the user registration information, but laws and regulations, except as otherwise provided. Internet service providers, network use the unit to use the Internet security according to law, technical measures, must not use technical measures to protect Internet security violations of the user's freedom and privacy of correspondence.
Article V public security organs of public information network security supervision department is responsible for Internet security technology, the implementation of measures to implement supervision and management according to law.
Article Internet security protection technology measures should be in line with national standards. No national standards, should be consistent with public safety industry technical standards.
Article VII of the Internet service providers and networking using the units should implement the following Internet security protection technology measures: (a) to prevent computer viruses, network intrusion and attacks against network security matters sabotage or acts of technical measures;
(B) the important databases and systems major equipment redundant disaster back-up measures;
(C) record and retain a user logs in and out of time, calling number, account number, Internet address or domain name, and system maintenance logs of the technical measures;
(D) laws, regulations and rules and regulations should be implemented other security protection technical measures.
Article VIII provides Internet access service unit addition to the implementation of this provision provided for in Article VII of Internet security protection of technical measures, should also have the following functions to implement the security protection technology measures: (a) record and retain the user registration information;
(B) the use of the internal network address and the Internet network address translation means to provide users with access to services, be able to record and retain users of the Internet network address and the internal network address corresponding relationship; (3) records, tracking network running status, monitoring, Record network security incidents and other security auditing features.
Article IX to provide Internet information services unit addition to the provisions of Article VII of the implementation of this provision of Internet security protection of technical measures, should also have the following functions to implement the security protection technology measures:
(A) was found in a public information service to stop transmission of illegal information, and keep the relevant records;
(B) to provide news, publishing and electronic bulletin board services, and be able to record and retain information published content and release time;
(C) to establish portals, news sites, e-commerce sites, and can prevent websites, web pages have been tampered with, altered automatically after the recovery;
(D) to establish electronic bulletin board services, with user registration information and publishing information on the audit function;
(E) to establish an e-mail and on-line short message service, and be able to prevent, clear to send mass forgery, hide the true sender of the e-mail or short message tag.
Article X provides Internet data center services, units and units in addition to the implementation of this network to use the provisions of Article VII of the Internet security protection of technical measures, should also have the following functions to implement the security protection technology measures: (a) record and retain the user registration information;
(B) public information service found to stop transmission of illegal information, and keep the relevant records;
(C) networking using the unit using internal network address and the Internet network address translation means to provide users with access to services, be able to record and retain users of the Internet network address and the internal network address corresponding relationships.
Article XI providing Internet access service unit, in addition to the implementation of the provisions of Article VII of the Internet security protection of technical measures, should also install and run Internet Public Internet access workplace safety management system.
Article XII of the Internet service provider in accordance with the provisions taken by the Internet security protection technology measures should be consistent with public safety industry technical standards for networking interface.
Article XIII Internet service providers and networking using the units in accordance with the records retention provisions of the implementation of technical measures, it should be preserved for at least 60 days with a back-up records functions.
Article XIV of Internet service providers and networking using the unit may undermine the implementation of the following measures of Internet security protection technology acts:
(A) stop or in part without permission to stop the security protection technology facilities, technical means of operation;
(B) the deliberate destruction of security protection technology facilities;
(C) unauthorized deletion, tampering with security technology, facilities, technical means of operational procedures and records;
(D) changing the use of technical measures to protect the safety and scope;
(5) other technical measures to deliberately undermine the security or interfere with their function was normal play behavior.
15th in violation of the provisions of Article VII to the provisions of Article XIV, by the public security organs in accordance with "Computer Information Network and the Internet security protection and management measures" the provisions of Article XXI shall be punished.
16th The public security organ shall, within their jurisdiction in accordance with law Internet service providers and networking technology, the use of units of security measures for the implementation of the guidance, supervision and inspection. Supervision and inspection of public security organs in accordance with the law, Internet service providers, networking, using the units should attend the workshop. Public security organs of the supervision and inspection of the problems identified, it should suggest improvements to notify Internet service providers, networking rectification used in a timely manner. When the public security organs in the supervision and inspection, supervision and inspection personnel shall not be less than two, and shall produce law-enforcement identification.
Article XVII public security organs and their staff who violate this provision, there is abuse of power, nepotistic practices and corruption, the directly responsible persons in charge and other directly responsible persons shall be given administrative sanctions; constitutes a crime, they shall be held criminally responsible.
18th in the provisions referred to Internet service providers, is a point to provide Internet access services, Internet data center services, Internet information services and Internet access service providers. The term cluster utilization unit is defined as unit-based applications need to connect and use of the Internet unit.
The term to provide Internet data center services unit, is to provide hosting, leasing and rental services such as virtual space units.
The provisions of Article XIX since March 1, 2006 into effect.

Comments

Popular posts from this blog

The Twitter Experiment - Bringing Twitter to the Classroom at UT Dallas

Hillary Clinton's speech on Internet Freedom

Youku.com on THIS 中国 SIDE of the Great FireWall...