Skip to main content
SpringerLink
Log in

Regulation and deregulation: understanding the evolution of the Chinese cryptography legal regime from the newly released Cryptography Law of China

  • Published:
International Cybersecurity Law Review Aims and scope Submit manuscript

Abstract

On 26 October 2019, the 14th session of the Standing Committee of the 13th National People’s Congress passed and promulgated the Cryptography Law of the People’s Republic of China (hereinafter referred to as the “Cryptography Law”) which shall be effective as of 1 January 2020. Prior to that, the rules of high legislation hierarchy on cryptography administration could be traced back to the Regulations on the Administration of Commercial Cryptography (hereinafter referred to as the “Regulations”) promulgated by the State Council in October 1999. Thereafter, the State Cryptography Administration and the Standing Committee of the National People’s Congress promulgated the Cryptography Law of the People’s Republic of China (Draft for Comment) and the Cryptography Law of the People’s Republic of China (Draft) (hereinafter referred to as the “Cryptography Law (Draft)”) respectively on 5 April 2017 and 5 July 2019. The Cryptography Law which is based on the Cryptography Law (Draft) and has improved the same fills the long-standing legal gap in the field of cryptography and is the first comprehensive law on cryptography administration in our country. By comparing the following articles, we will analyze the main changes of the Cryptography Law against the Regulations and the Cryptography Law (Draft) and its connection with the existing relevant laws and regulations, so as to show the evolution of China’s cryptography regulatory system and its approaches of “regulation” and “deregulation”.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

Notes

  1. The State Administration for Market Regulation and the State Cryptography Administration would at another time promulgate a product catalogue for commercial cryptographic products certification, certification rules and pertinent implementing requirements.

  2. On 31 December 2013, the State Cryptography Administration and the General Administration of Customs jointly issued the Announcement on Adjusting the Catalogue of Import Management of Cryptographic Products and Equipment Containing Cryptography Technology (“the Joint Announcement of the State Cryptography Administration and the General Administration of Customs No. 27, 2013”), which published the Catalogue of Import Management of Cryptography Products and Equipment Containing Cryptographic Technology. Since the products listed in the catalogue must be subject to an Import License, it can be understood that the products in the Catalogue belong to cryptography products and equipment containing encryption technology.

  3. Due to the Appendices 3 of the No. 336 Notice “Interim and Ex Post Supervision Measures after Removal of ‘Approval for the Use of Foreign-Produced Cryptographic Products’ by Foreign-Invested Enterprises”, after the cancellation of the administrative licensing item of “the approval for the use of foreign-produced cryptographic products by foreign-invested enterprises”, measures will be taken to strengthen interim and ex post regulation: First, the review of end-users and end use of imported cryptographic products will be strengthened in the examination and approval for the import of cryptographic products. Efforts should be made to improve the examination and approval process as well as relevant documentations. The registration and review as well as the classification administration of end-users and end use of imported cryptographic products shall be strengthened. Secondly, it shall intensify the “Random Target Random Officer” spot check for entities that have obtained the import license for cryptographic products. Efforts shall be made to fully implement the principle of “Random Target Random Officer and Disclosure of Inspection Results”, to improve the particulars and methods of spot checks of the entities that have obtained the import license for cryptographic products, strengthen the review of end-users and end use of imported cryptographic products, make public disclosure of spot check matters and results at an appropriate time, put forward rectification requirements for the problems found during spot checks and conduct inspections on rectification results.

  4. The State Administration for Market Regulation and the State Cryptography Administration would at another time promulgate a product catalogue for commercial cryptographic product certification, certification rules and pertinent implementation requirements.

Author information

Authors and Affiliations

  1. 8/31/33/36/37F, SK Tower, Equity Partner of Zhong Lun Law Firm, 6A Jianguomenwai Avenue, 100022, Beijing, Chaoyang District, China

    Jihong Chen

Authors
  1. Jihong Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jihong Chen.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chen, J. Regulation and deregulation: understanding the evolution of the Chinese cryptography legal regime from the newly released Cryptography Law of China. Int. Cybersecur. Law Rev. 1, 73–86 (2020). https://doi.org/10.1365/s43439-020-00003-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1365/s43439-020-00003-6

Keywords

Search

Navigation