2025-11-15 21:11
China has approved major changes to its cybersecurity law, marking the first major update to the framework since it was introduced in 2017. The revised law will be passed by the Standing Committee of the National People’s Congress in late October 2025, and is scheduled to come into force on January 1, 2026. The new version aims to address new technological risks, strengthen enforcement powers and provide greater clarity on how cybersecurity incidents are handled in the country.
A central addition to the law is a new clause focused on artificial intelligence. This is the first time that China’s cybersecurity law directly recognizes AI as an area requiring state guidance. The updated document calls for safeguards around AI development, highlighting the need for ethical guidelines, safety checks and governance mechanisms for advanced systems. At the same time, the law encourages the use of AI and similar technologies to strengthen cybersecurity controls. While this amendment outlines strategic expectations, it is expected that the specific rules that organizations will need to follow will be addressed through later regulations and detailed technical standards.
The revised law also introduces stronger enforcement powers. Penalties for serious violations have been increased, giving regulators the power to impose heavy fines on both companies and individuals who fail to meet their obligations. The scope of punishable acts has been expanded, demonstrating efforts to tighten accountability across China.
(…)
Content has been cut to protect the source. See sources for the rest of the article.
This article is indexed from CySecurity News – Latest Information Security and Hacking Incidents.
Read the original article:
related
