New rules on computer security systems

New rules on computer security systems
New rules on computer security systems 

China Daily 
October 24, 2007

Legislators in Guangdong Province are planning to amend a draft 
regulation on the security of computer-based information systems.

The key amendments include ensuring website operators "establish a sound 
security system" and the introduction of "serious punishments for 
violators of computer information systems".

He Yanfeng, a deputy to the Guangdong provincial people's congress, 
said: "The amendments are aimed at further developing computer 
information technology."

In recent years, the province has had many cases where the security of 
information systems has been breached.

Actions defined as posing a threat to security include entering a system 
without permission, or illegally using data contained within a system.

Under the draft regulation, the publication of misleading or false 
information online is strictly forbidden.

Also, disclosing Internet users' e-mail addresses or other personal 
information to a third party, and producing or spreading Internet 
viruses are prohibited.

"Individuals or companies that are found to be engaging in such 
activities will be subject to strict punishments," He said.

These will include fines of between 5,000 and 15,000 yuan 
(US$670-$2,000), she said.

"Decoding illegally imported software products, which are usually 
without authentication codes, will also be strictly forbidden," He said, 
adding that all "decoding business" should be carried out by the local 
public security authority.

Under the draft, Internet cafes are also required to set up standardized 
computer information administration systems in a bid to prevent 
"potential threats".

He said: "Public security departments and other government organizations 
will also be punished if they are found to have illegally disclosed 
information about computer users."

Chen Shuhuang, a lawyer with the Guangzhou-based Hanmeng Law Firm, said 
the amended draft was "a bigger step towards the protection of computer 
information systems".

"The rules will also better protect the information stored about people 
online," he said.

CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - 

Site design & layout copyright © 1986-2015 CodeGods