China's Ministry of Industry and Information Technology (MIIT) yesterday issued the Management Methods for Internet Information Services (Revised Review Draft), laying out clear regulations for areas including real-name registration, website access criteria, and personal information security for citizens.

A spokesperson for the MIIT said that since December 2011, real-name registration trials for microblog users in Beijing, Shanghai, Tianjin, Guangzhou, and Shenzhen had had positive effects on efforts to crack down on online crime and construct an environment of social trust.

The review draft clarifies requirements for users of discussion fora, blog platforms, microblogs, and other interactive services to register using their real names, and stipulates that services that offered internet search or platforms for internet users to publish information prior to the implementation of these regulations will be required to apply for permission in accordance with the regulations. Services that do not meet all the requirements of the regulations as of their implementation will be required to meet requirements within six months of implementation. Services still not meeting requirements after this grace period will be punished by online information and content management authorities.

The review draft proposes that internet information services fall under the category of industries related to national and public security, and to the health, safety, security, and well-being of the public at large, meaning that service providers must possess outstanding reputations and meet special conditions. To this end, the draft lays out a uniform set of basic access conditions for websites.

In answer to the pressing need to combat online crime, an MIIT spokesperson said, the draft regulations specify that internet information service providers must retain records of all information published, whether by the users or the service providers themselves, for a six-month period. Internet information service providers must retain service logs for a 12-month period in order to aid investigations by public and state security organs.

The draft also stipulates that internet information service providers and internet access providers must be responsible for the security of all user identity information, logging information, and other individual data, and may not sell, modify, deliberately leak, or otherwise make illegal use of user data. Service providers found to be in violation of this regulation will be ordered by telecommunications and public security authorities to correct their behavior, and will have any illegal gains confiscated. Companies whose illegal gains exceed RMB 50,000 will be fined an amount between three to five times the amount of their illegal gains, while service providers whose illegal gains total between RMB 0 and RMB 49,999 will be fined between RMB 10,000 and RMB 15,000. Serious violators may be ordered to suspend services pending a decision by telecommunications authorities to revoke or cancel their telecom service operating licenses.

Source:marbridgeconsulting