Database

It has been reported that, as of September 2017, Whatsapp is fully blocked in China. Although the service has seen some disruptions before, this is the first time that it is blocked to such a complete extent. It has also been reported that this blockage forms part of China's social media crackdown, which followed the introduction of its Cybersecurity Law.

Under the privisions of the Cybersecurity Law, and as part of a social media crackdown on websites that disseminate "vulgar content" and which "negatively impact society", China shut down over 60 social media accounts which covered celebrity gossip. Additionally, China's media oversight body, the State Administration of Press, Publication, Radio, Film and Television, ordered three major online companies (Weibo, iFeng, and ACFUN) to halt some of their multi-media streaming services, citing that they lacked adequate permits and that the sites hosted "many politically-related programs that do not conform with state rules".

In April 2016, Medium, an online website that allows users including news websites to publish sharable content was blocked in China. There was no official statement explaining the reason for blocking the site.

In China, there is a centralized control over international gateways and sporadic, localized shutdowns of internet access to quell social unrest. A nationwide blocking, filtering and monitoring system delays or interrupts access to international websites - the so-called Golden Shield.

Since 2012, the Golden Shield has also started to block Virtual Private Networks (VPNs). The government has also shut down access to entire communications systems in response to specific events, notably imposing a 10-month internet blackout in the Xinjiang Uighur Autonomous Region in 2009.

Moreover, selected web applications are blocked and the video-sharing platform YouTube and social media sites like Facebook, Twitter, Google+ and Foursquare are consistently inaccessible.

Document-sharing applications like Google’s cloud storage service Drive are also blocked and other Google applications like Calendar and Translate became inaccessible in June 2014.

The Service Provider should remove the infringing content/ link immediately upon notice from the Copyright Owner, or latest within 24 hours if there is too much content or links to deal with and the take-down process is relatively complicated. If the Service Provider is unable to take down the infringing content/ link within 24 hours, they should provide an explanation to the Copyright Owner in writing immediately (art. 7).

According to a draft notice from China's Ministry of Industry and Information Strategy, all enterprises providing basic telecommunication services and internet access services are required to comprehensively self-investigate their basic network infrastructure as well as the usage of network access resources such as IP addresses and network bandwidth, so as to rectify the following issues: insufficient management of network access resources; self-creation or usage of illegal resources against regulations; subletting; conducting cross-border operations against regulations.

The period for public comments on the draft ended in December 2016, but it is not clear when it will be implemented.

Under the Provisions, app providers are required to monitor online content and report violations to government authorities. App providers and app stores must not use apps to endanger national security or disrupt the public order, or to produce, reproduce, publish, or disseminate content banned by laws and regulations, according to the Provisions. In addition, app providers must monitor banned content and take action against users that publish banned content, by issuing warnings, restricting functions, stopping updates, or terminating accounts. They must also keep a record of the violations and report the matters to relevant government authorities.

The Provisions also require app stores to verify the legitimacy of app providers and ensure app providers protect user information and publish lawful content. App stores are required to take action against offending app providers by issuing warnings, suspending their publications, or removing the aberrant apps from the stores. App stores are also required to keep records of the violations and report them to the relevant government authorities (Art. 8.)

The Counter-Terrorism Law issued in 2016 requires telecoms and Internet Service Providers (ISP) to establish content monitoring and network security programs. The companies are required to adopt precautionary security measures to prevent the dissemination of information on extremism, to report terrorism information to the authorities in a timely manner, to keep original records, and to promptly delete such messages to prevent further circulation (Art. 19). The law introduces both pecuniary fines and detentions up to 15 days for telecommunications operators and ISPs personnel who fail to “stop transmission” of terrorist or extremist content, “shut down related services,” or implement “network security” measures to prevent the transmission of such content.

Intermediaries are obliged to obtain real identity information when providing internet access services and information publication services.

Furthermore, it is required that users of blogs, microblogs, instant-messaging services, online discussion forums, news comment sections and related services register with their real names and avoid spreading content that challenges national interests.

Finally, according to the Counterterrorism Law, providers of telecommunication, internet, and financial services are required to conduct identity checks of their customers or clients and refuse to provide services to those that decline to provide such information. No implementing regulations have been issued yet. This requirement came into force via the implementing Regulation on the Management of Internet Posts and Comment Services in October 2017.

App providers must ensure that new app users register with their real names by verifying users’ mobile phone numbers and/or other identity information.

Intermediaries are obliged to obtain real identity information when providing internet access services and information publication services.

Furthermore, a regulation requires users of blogs, microblogs, instant-messaging services, online discussion forums, news comment sections and related services to register with their real names and avoid spreading content that challenges national interests.

The Safe Harbor defense for internet intermediaries providing hosting services is spelt out in the Guiding Framework on Protection of Copyright for Network Dissemination (Art. 14-17, 22). The hosting defense in Art. 22 only applies to service providers who host third party materials. Yes, Art. 36 of the Tort Law of the People's Republic of China states that a "network service provider" shall assume the tort liability if it infringes on "upon the civil right or interest of another person." Furthermore, the Tort Law allows that victims of the tort can notify the network service provider to demand the deletion, blocking or disconnection of the cause of infringement. Failing to do so can lead to further liability for the network provider in the event of further harm to the user. Finally, liability can be further increased in the event that the network service provider knew of the infringement but did not take action.

According to the Chinese criminal code, the founder or directly responsible manager of a website, knowing that any other person is producing, reproducing, publishing, selling or disseminating pornographic electronic information, allows or connives at the person’s publishing such information on the website. Therefore, the founder or directly responsible manager shall be convicted of the crime of disseminating pornographic items for profits.

In May 2014, the Chinese government revoked the Internet business license of Shenzhen QVOD Technology Inc, a Chinese online peer-to-peer video-hosting platform and forced it to shut down all the servers due to copyright infringement and Internet pornography. QVOD was later fined 260 million yuan ($40 million). In September 2016, a trial involving four executives of QVOD ended with them being handed sentences of up to 3.5 years. It was alleged that the company allowed pornographic websites to access its streaming technology and approximately 21,000 pornographic materials have been distributed on three servers run by QVOD.

According to the Counterterrorism Law, providers of telecommunication, Internet, and financial services, are required to conduct identity checks of their customers or clients and refuse to provide services to those that decline to provide such information. No implementing regualtions have been issued yet.

According to the Counterterrorism Law, telecommunication and Internet services companies must establish content monitoring and network security programs and adopt precautionary security measures to prevent the dissemination of information on extremism, report terrorism information to the authorities in a timely manner, keep original records, and promptly delete such messages to prevent further circulation. No implementing regualtions have been issued yet.

The Law of the People's Republic of China on Protection of Consumer Rights and Interests introduces administrative sanctions for consumer data breach cases for the first time in China. These include being ordered to rectify the breach, issuing warnings, confiscation of illegal gains, a fine up to ten times any illegal gain (or up to RMB 500,000, approx. 80,000 USD, if none) and, in extreme cases, shutting down and de-registering the business.

In addition, the Cybersecurity Law suggests the possibility of ordering corrections, issuing warnings, confiscation of illegal gains and fines of up to 10 times of illegal gains (or fines of up to RMB1,000,000 where there is no illegal gain) upon discovery of violation in handling personal information.

Finally, according to the 2015 amendments to China Criminal Law, supervisors or other persons with direct responsibility for the violation of certain provisions on personal information may be sentenced to up to three years imprisonment.