Ella Gorian

DOI: https://doi.org/10.7256/2454-0595.2021.5.36237

2021-05-01

Административное и муниципальное право

Abstract:The object of this research is the legal relations in the sphere of regulation of personal data security in the financial and banking sector of the People's Republic of China. The characteristics is given to the current legislation of China (Civil Code, Personal Information Protection Law, and Cybersecurity Law), existing or draft bylaws in the field of personal data security. Attention is given the second revision of the draft law on personal information protection, as well as determination of the institutional mechanism for ensuring personal data security. The article examines the peculiarities of regulation of relations in the sphere of ensuring personal data security in the financial and banking sector, as well as characterizes  the role of the financial regulator in this mechanism. The development of the mechanism for personal data protection is at completion stage; besides the adoption of the Civil Code of the People's Republic of China, which establishes the framework for regulation, two of the three special laws – Personal Information Protection Law and Cybersecurity Law – have already been adopted. The flagship law on Personal Information Protections is expected to be adopted by 2021. The aforementioned laws encompass all spheres of information security and ensure strong data protection regime: outline the scope of regulation, objects and subject composition, responsibility, and institutional control mechanism. The legal regime covers such aspects of relations as personal data of deceased persons, persons with reduced capabilities (due to age and health), as well as transnational data transfer. At this point, the financial and banking sector features a number of bylaws that set strict standards for ensuring personal information protection. The leading role in this mechanism is played by the financial regulator – the People's Bank of China. The standards adopted by the People’s Bank of China require further examination, which would allow formulating recommendations for the improvement of the Russian legal system.

English Else

Le Cheng,Jiaxuan Qiu,Yi Yang

DOI: https://doi.org/10.1515/ijld-2023-2014

2023-01-01

International Journal of Legal Discourse

Abstract:Based on a self-built corpus of Chinese cybersecurity legislation, this study explores the construction of China’s official cybersecurity discourse via deconstructing cybersecurity legislation from the perspective of system theory. Analysis focusing on the internal features of the discourse obtains the themes, actors, and legal relations in China’s cybersecurity legislation. Among four pairs of legal relations, system theory provides an explanation for the tension between public-private legal relationship and private-private legal relationship, that is, whether the legislative system chooses to delegate network operators with administrative function depends on how the system perceives the nature of cybersecurity issues and integrate new issues into securitization process. Furthermore, the external features of legislation discourse reveal the changes in the number of all levels of cybersecurity legislation. It is found that the coupling resonance of the political system and the legal system promotes the development of relevant legislation, and facilitates the self-development legislation system to transfer from diversified legislation to unified legislation.

Rogier Creemers

DOI: https://doi.org/10.1163/25427466-06020001

2023-03-17

China Law and Society Review

Abstract:Abstract Cybersecurity has become a key regulatory area in China’s rapidly digitizing society, economy, and state. The leadership deems it critical in providing adequate security guarantees for the realization of the ambitious “informatization” policy, symbolized by the passing of the Cybersecurity Law in 2016. Cybersecurity has also become integrated with overall national security, at a time when Chinese policy has become increasingly securitized. What, then, does this mean in practice? How do authorities conceive of cybersecurity and attempt to retrofit regulatory frameworks into an already well-established digital environment. This paper reviews the various components of the cybersecurity regime established by the Cybersecurity Law. It discusses how external circumstances have facilitated or obstructed the advance of regulation and implementation and demonstrates how cybersecurity is embedded in the broader processes of reform led by the Chinese Communist Party.

Jianwen Zhang,Huan Yang

DOI: https://doi.org/10.17803/2587-9723.2021.4.074-081

2021-09-16

Legal Science in China and Russia

Abstract:Digital data is a new factor of production in the information age. In the context of the rapiddevelopment of the latest technologies, such as big data, artifi cial intelligence, cloud computing andblockchain, as well as the continuous development of the digital economy, digital data plays an important role in the development of enterprises. Data security issues affect the development of a countryand its security, are related to public interests, and are also closely related to the personal rights of its citizens. It is necessary to regulate data protection at the legal level.July 2, 2020 the website of the National People’s Congress published the Data Security Law of the People’s Republic of China (draft), which systematically refl ects the current national point of view on data security and development, noting the improvement of data security to the level of state security. Like the Cybersecurity Law, it is a component of the general concept of national security, belongs to the highest level of law and has the highest legal force. This law is of great strategic importance for building a data protection system in the PRC.As the main law in the fi eld of data security management ,the Data Security Law has made certain breakthroughs in the defi nition of the concept of data. The concept of data in the Data Security Law is not limited to network data, but includes information recorded in electronic form and in other ways; the necessary extraterritorial consequences are provided for in the draft Data Security Law, which is of great importance for the protection of national sovereignty and civil rights of the People’s Republic of China; the relationship between data security protection, data development and use is clarifi ed, and the status of data in the development of the digital economy is clarifi ed through legislation in order to fully demonstrate the economic value of data; the main body responsible for security, supervision and overall coordination has been created, the main responsibilities of various regions and departments have been increased, supervision responsibilities have been redistributed, which is more in line with the needs and current situation in data security supervision; a data classifi cation system has been established that promotes the relevant work of data security surveillance agencies; an appropriate mechanism has been created at the state level in the system of data security risk assessment, reporting, information exchange, monitoring and early warning; a data export control system and a mutual data protection system were created, as well as the construction of a cross-border data fl ow system of the PRC was standardized; data protection obligations in organizations and for individuals performing data operations and performing data protection duties were clarifi ed; adhere to the principles of security and development and provide measures to support and promote data security and development; institutional measures have been taken to ensure the security of government data.The draft law on data security contains a comprehensive concept of information security. The upcoming Law on Data Security will contain recommendations and basic principles for ensuring data security and development. All industries will have to pay attention to an integrated management system and various supporting provisions to ensure data security and development. Gradually, a favorable environment will be created for the effective use of data and safe development, which will signifi cantly contribute to the rapid development of informatization and digitization.The Data Security Law includes all types of information in the fi eld of protection. In the future, the Law on Data Security should pay attention to the Law on Cybersecurity, Law on State Security and Law on the Protection of Personal Information, which are under development, supplement and improve today’s relatively disparate legislation related to data security. The laws and regulations of the PRC on data security will be carefully developed on the basis of these three laws in order to fully implement the development, use of data and industrial development, thereby promoting new provisions in the creation of a legal data security system.

S. V. Korolev,I. S. Lyalina

DOI: https://doi.org/10.17803/2311-5998.2023.102.2.162-167

2023-04-29

Abstract:The history of the emergence and subsequent cross-border evolution of Internet law around the world is, in a sense, paradoxical. The creators of the first version of the Internet as a national security information system hardly imagined that the legal regulation of the Internet, primarily in Western Europe, would fall under the influence of the Romano-Germanic legal system. We are talking about the basic division of the national legal order for continental Europe into public law (jus publicum) and private law (jus privatum). Accordingly, cybersecurity and other public needs of the Internet in continental Europe have become the subject of public Internet law. On the contrary, the specifics and protection of the individual rights of users and entrepreneurs in the Internet space have become the subject of regulation of private Internet law. In the context of such differentiation of the Internet space, the experience of the PRC is of particular interest, where the ratio of public need and private interest, due to the specifics of Chinese civilization, cannot be interpreted in the spirit of Western European dualism.

Chunhui Wang,Le Cheng,Jiamin Pei

DOI: https://doi.org/10.1515/ijld-2020-2025

2020-01-01

International Journal of Legal Discourse

Abstract:This study aims to examine China's approach to the cyber governance, especially the discourse of Internet information, through a detailed investigation of the Provision on Ecological Governance of Internet Information Content. The findings in this study indicate that China's approach to the governance of Internet information possesses the following essential features: the clarification of the dialectical relationship between Internet freedom and order, the unification of carrying forward positive energy and restraining negative information, the people-oriented and bottom-up participatory approach to the ecological governance of Internet information, as well as the strictly prohibitive conducts of three key administrative counterparts. The underlying reasons for choosing such an ecological path to regulate the Internet information can be attributed to China's national configuration, including its political system, cultural tradition, status quo of the Internet development, and the pervasive cybersecurity challenges facing its society. It is thus argued that the governance of Internet information, characteristic of spatiality, can merely be construed within specific socio-political and cultural contexts. Albeit the spatiality of the governance of the Internet information, China's approach can serve as a model for other nations to develop their own governance discourses pertaining to the Internet information. This study aims not only to unpack the Chinese discourse of the ecological governance of Internet information but also to provide useful insights into the discourse and practices of global cyber governance.

Le Cheng,Xiuli Liu

DOI: https://doi.org/10.1515/ijld-2022-2063

2022-01-01

International Journal of Legal Discourse

Abstract:Cyberspace, with the rapidly growing network of users and communication technologies, provides venues for myriad social and political interactions. The very technology that enables the development of cyberspace itself also makes detailed and cumulative observation possible. This study aims to investigate cyber discourse in the context of China from the perspective of political and legal integration. Theoretical insight is transformed from viewing cyberspace as a research object to regarding it as a research ontology. To fill in this uncharted domain, this study aims to examine (a) the hidden connotations of the political discourse in cyberspace, (b) the new features of legal regulation in cyberspace, and (c) the relation between political discourse and legal practice. Centering on both political and legal discourse on cyberspace, the findings of this study indicate that there is a dialectical relationship between political discourse and legal practice in cyberspace. With the findings, this study contributes to the discursive construction by extending the discourse studies into cyberspace and integrating the discourse studies with politics and law.

A. S. Ozerova

DOI: https://doi.org/10.17803/1994-1471.2022.138.5.196-206

2022-04-19

Actual Problems of Russian Law

Abstract:The paper analyzes the norms of criminal law, which enshrined the protection of personal information in the PRC. The tendencies of law enforcement practice in criminal cases, the subject of which are personal data, are being studied. Increased criminal law protection of personal information of Chinese citizens is due to the emergence of a social credit system. The paper discusses the features of the functioning of the social credit system, as well as the impact of this system on the rights and freedoms of the individual in the context of digitalization. Interest in the system under consideration is due to the significant influence exerted by the PRC on the formation of the legal culture of other countries. The author concludes that a significant degree of state intrusion into the private space of citizens correlates with effective measures to protect personal information. The Chinese case shows the desire of the state to protect the personal data of citizens, including through criminal law means. At the same time, cases of law enforcement are becoming more common, especially in criminal law.

Le Cheng,Xitao Hu

DOI: https://doi.org/10.1177/21582440241299677

IF: 2.032

2024-01-01

SAGE Open

Abstract:Personal information security has become a critical concern in the digital era, so it is imperative to clearly delimit and define personal information. This study examines personal information legislation from a sociosemiotic perspective to identify the similarities and differences between legislation in the United States and China. It reviews the evolution of personal information in both countries, and explores their differences in the definition of privacy, the status quo of personal information legislation, the definition of personal information and cross-border personal information flow. The findings indicate that (1) personal information, noted as a social sign, has context-sensitive characteristics, i.e., spatiality and temporality; (2) the meaning-making process of personal information is a continuum; and (3) there exists an intersemiotic operation between language, law and society. Such a sociosemiotic exploration can shed light on relevant studies in the sociosemiotic analysis of legal discourse in particular as well as other context-sensitive discourses in general.

cuihong cai

DOI: https://doi.org/10.1142/S2377740015500189

2015-01-01

China Quarterly of International Strategic Studies

Abstract:"Cybersecurity" has become a topic of great strategic importance concerning both national and international security, especially after Edward Snowden's disclosure of the secret surveillance programs of the U. S. government. With the largest number of netizens in the world, China holds its own views, beliefs, and assumptions on this topic. To understand the current disputes over international cybersecurity and to identify challenges and opportunities presented to international cybersecurity cooperation, it is of great significance to examine "cybersecurity" in the Chinese context. This article deals with the following issues from a Chinese perspective: cyberspace and cybersecurity in general, China's vital cybersecurity interests and threatening challenges, and barriers to further progress in international cybersecurity cooperation. It is concluded that China's understanding of cybersecurity, which derives from its unique national conditions, does not limit its willingness to participate in international cybersecurity cooperation.

Lei Wang

DOI: https://doi.org/10.1365/s43439-021-00025-8

2021-04-09

International Cybersecurity Law Review

Abstract:At this stage, the globalization of cyberspace cooperation is deepening. At the same time, the rules of data governance, how to combat cybercrime, and how to limit the abuse of Internet technology are all new challenges. Therefore, it is urgent for all parties in the world to help and respond together. Network management is a common issue faced by all countries. It is necessary to reach consensus and establish effective rules and procedures in terms of improving the network management system, strengthening the construction of management mechanisms, and promoting the formation of international cooperation conventions and principles. China’s recent legislative work on cybersecurity and data security, as well as related data security measures, provide a good reference for the collaborative management of global cybersecurity. Internet governance is a work involving the participation of the whole society, and it is inseparable from the participation of countries and netizens in the world. This article intends to propose relevant principles for global Internet governance by examining China’s cybersecurity and data security related legislation.

Le Cheng,Xin Wang

DOI: https://doi.org/10.1080/10350330.2018.1487110

2018-01-01

Social Semiotics

Abstract:Issues concerning cyber asset in cyberspace have intrigued the legislators, the judicial practitioners, the netizens, and even the onlookers in real world; simultaneously, academia is discussing the disputes aroused by this intangible object. However, various studies in the past refined the discussions in domains of law but the refinement fails to clarify the cyber-asset issues and to resolve the disputes. Therefore, a better understanding of what cyber asset is can be achieved by exploring cyber asset in the judicial discourses from a socio-semiotic perspective. In this study, judicial discourses are tantamount to the semiotic resource. Then, incorporating in a generic model of judicial discourses, we examine (1) how cyber asset as a sign has been framed by agents of the judicial institution of the People's Republic of China; (2) how the judicial institution justified their framing; and (3) whether any temporal change in the semiotic system of cyber asset took place. Furthermore, by applying the five questions introduced by Van Leeuwen, we examine why the quandaries of cyber asset are aroused. In conclusion, we propose that the cyber-asset disputes can hardly be resolved unless joint efforts are made by the legislature and the judiciary of the People's Republic of China.

Le Cheng,Jiamin Pei,Marcel Danesi

DOI: https://doi.org/10.1080/10350330.2019.1587843

2019-01-01

Social Semiotics

Abstract:Based on one specially created corpus of U.S. cybersecurity-related laws, this study employs the corpus approach to examine the referent objects and securitizing actors in U.S. cybersecurity legislative discourse, which are two critical issues in constructing security, including cybersecurity. Through corpus data analysis, it is found that unlike traditional security, cybersecurity has become more people-oriented in terms of referent objects with critical infrastructure as a key referent object. Additionally, the role of private sectors and cooperative security are highlighted in U.S. cybersecurity legislative discourse. From a sociosemiotic perspective, it is noted that the meaning-making process of U.S. cybersecurity not only is conveyed by the texts but also interacts with other sign systems, such as historical background, cyberspace as a virtual realm and social contexts, which suggests that the specific meanings of signs constructing cybersecurity and cybersecurity itself should be interpreted in specific temporal or spatial contexts. Furthermore, a sociosemiotic approach to U.S. cybersecurity legislative discourse also offers valuable insights to how signs and concepts in cybersecurity contribute to sketching a holistic landscape of cybersecurity and further security on a large scale.

Eugenie Shen,Alex Roberts

DOI: https://doi.org/10.69554/iiwk3206

2023-03-01

Abstract:To protect public and societal interest, ensure network security and safeguard national security, China has passed a series of data security and data protection laws in the past few years which, due to the cross-border data transfer or sharing restrictions under these laws, pose particular challenges for global institutions, especially financial institutions, which need information from their subsidiaries or counterparts in China. This paper summarises the three principal laws that govern the collection, storage, transfer and use of data within China and what global institutions with connections to China need to know.

,Maria A. Egorova

DOI: https://doi.org/10.18572/1999-4788-2024-3-17-26

2024-09-12

Business law

Abstract:In the article, the author analyzes the mechanisms of achieving cyber sovereignty by the People›s Republic of China through the prism of the impact of this policy on the state of competition in the information and digital commodity markets, as well as the correlation of the legal and economic effect of such a policy with the policy of protectionism. The author believes that the policy pursued by China in relation to the creation of a sovereign Internet can be applied by other developing countries both for the purpose of ensuring their information independence and security, and for the purpose of creating conditions for the emergence of companies competing with the global giants of the information technology industry in such states.

Gong Nan,,

DOI: https://doi.org/10.21638/spbu14.2023.110

2023-01-01

Abstract:In the development of China’s Internet industry and digital economy, great importance is attached to the protection of personal data and seriously protects the legitimate rights and interests of citizens’ personal data. Generally speaking, with the development of technology and industry, China’s personal data protection has gone from “indirect protection” to “direct protection” and then to “comprehensive protection”. In the early years of China’s Internet industry, the indirect protection of personal data was mainly achieved through the protection of the “rights to privacy” of citizens. Since the Internet industry of the People’s Republic of China has entered a stage of rapid development, the state began to directly protect personal data in accordance with the provisions of the Chapter “Network Information Security” established in the “Cyber Security Law” of 2016, establishes several principles for the collection and use of personal data, protection requirements information security. Until November 1, 2021, the “Personal Data Protection Law of the People’s Republic of China” (PPD) was adopted to comprehensively protect personal data, reflecting the ideology of development focused on bringing the people to the center, meeting the new needs and aspirations of the people in the new era, and also proposing the creation international digital legal order “Chinese version”. The PPD further expands the scope of the object of personal data protection, comprehensively establishes the rights of individuals to process data, strengthens the obligations to protect personal data processors, creates strict rules for the protection of sensitive personal data and regulates the processing of personal data by public authorities, as well as improving the means of legal protection of personal data, all of which are important points in the legislation. The law incorporates advanced foreign experience, while emphasizing Chinese wisdom, the spirit of the times, and practicality in accordance with the reality of China.

Zheng-ming Li,Qile He,Xi Guo

DOI: https://doi.org/10.1109/TEM.2020.3029019

IF: 8.702

IEEE Transactions on Engineering Management

Abstract:The rising number of cyberattacks and cybercriminals around the world has put major threats on the cybersecurity and even the national security of many countries. In response, governments started to introduce policies and regulations to improve cybersecurity. It is increasingly realized that effective cybersecurity policy making largely depends upon optimized policy attention and the effective use of public resources. This article draws on the “attention-driven policy choice model” and the punctuated equilibrium theory to analyze the relationship between policy attention allocation, policy agenda setting, and the choice of policy tools in different periods of cybersecurity development. Using Chinese cybersecurity development as the main context, content analysis of policy texts was conducted to examine the pathway of cybersecurity policy development in China between 1994 and 2019. The findings suggest that there is evidence for punctuated equilibrium with policy stagnation and incrementality being broken up by major events which shift policy attention and subsequently affects agenda setting and the choice of policy tools. The findings of this article will provide important implications for the development of strategic foresight of cybersecurity and the effective use of public resources to improve cybersecurity.

Political Science,Computer Science

Ekaterina A. Mikhalevich,Михалевич Екатерина Андреевна

DOI: https://doi.org/10.22363/2313-1438-2021-23-2-254-264

2021-12-15

RUDN Journal of Political Science

Abstract:The transformation of cyber sovereignty into an independent concept is a recent phenomenon, and thus its development and distribution is currently underway, which indicates the relevance of studying this topic. Being one of the most influential actors of contemporary international politics, China uses the concept of cyber sovereignty to promote its national interests and is able to shape the rules in the highly volatile field of international cyberspace. The study is based on quantitative and qualitative content analysis of legal acts and concept of Chinas cyber sovereignty. The author defines a concept of cyber sovereignty and identifies its place in the system of international law and in the architecture of international information security. Chinas concept of cyber sovereignty does not imply the division of a common cyberspace into separate segments but contributes to the creation of a cyber community of a common destiny, in which states can exercise their rights to govern the Internet on the principles of equality, justice, cooperation, peace and rule of law. It is concluded that this concept can be used as the basis for the formation of an international legal framework that regulates relations between states in the field of cyberspace.

孙雯

DOI: https://doi.org/10.3969/j.issn.1671-6604.2002.02.007

2002-01-01

Abstract:In recent years, the increasing number of cases of cyberspace crime have alerted lawmakers, legal experts and scholars all over the world. Legal sanctions against cases of cyberspace crime have become one of the important issues in legislation. In China, it is also of primary importance to have a complete cyberspace legislation including both civil and criminal laws. With numerous empirical case studies at hand, the paper is to start with the account of the unique features characteristic of the cases of cyberspace crime and then move on to compare and analyze how other countries make and enforce the law, thereby maintaining the status of information safety. The current laws and regulations related to the cases of cyberspace crime are primarily administrative and procedural ones in China. The brief description of related laws and statutes under the rubric of Chinese Criminal Law is far from complete in dealing with the largescale cases of cyberspace crime. It is crucial to cooperate with law enforcement officials in developed and developing countries, while coordinating effectively with local enterprises, government and social agencies, with a view to establishing a wideranging legal framework to protect cyberspace information safety.

XinYi Du,AiJiao Liu

DOI: https://doi.org/10.55014/pij.v6i1.326

2023-03-31

Pacific International Journal

Abstract:Cross-border data flow legislation is currently absent in several countries, and data ownership remains an issue. Data sovereignty is necessary for cross-border data movement. To preserve national interests in the growing data field, western countries violate the idea of sovereignty and attempt to construct a cross-border data circulation system within the framework of the western discourse system. Developing countries aim to localize data to protect their own data stockpiles and increments to safeguard national security. As a responsible country, China supports the formation of a cross-border data flow rule framework that aligns with development and security, protects data sovereignty, and promotes data integrity.