中英对照2021关键信息基础设施安全保护条例.docx

RegulationonProtectingtheSecurityofCriticalInformationInfrastructureDocumentNumber：OrderNo.745oftheStateCouncilofthePeople'sRepublicofChinaAreaofLaw:NetworkSecurityManagement1.evelofAuthority：AdministrativeRegulationsIssuingAuthority：StateCouncilDateIssued：07-30-2021EffectiveDate:09-01-2021Status:EffectiveOrderoftheStateCouncilofthePeople'sRepublicofChina(No.745)TheRegulationonProtectingtheSecurityofCriticalInformationInfrastructure,asadoptedatthe133rdexecutivemeetingoftheStateCouncilonApril27,2021,isherebyissuedandshallcomeintoforceonSeptember1,2021.Premier:LiKeqiangJuly30,2021RegulationonProtectingtheSecurityofCriticalinformationInfrastructureChapterIGeneralProvisions中华人民共和国国务院令（第745号）关键信息基础设施安全保护条例已经2021年4月27日国务院第133次常务会议通过，现予公布，自2021年9月1日起施行。总理李克强2021年7月30日关键信息基础设施安全保护条例第一章总则Article1ThisRegulationisformulatedinaccordancewith第一条为了保障关键信息基础设施安全，维护网络安全，根据中华人民共和国网络安全法，制定本条例。theCybersecurityLawofthePeople'sRepublicofChinainordertoensurethesecurityofcriticalinformationinfrastructure(hereinafterreferredtoas4tCI,)andmaintaincybersecurity.第二条本条例所称关键信息基础设施，是指公共 通信和信息服务、能源、交通、水利、金融、公共服务、 电子政务、国防科技工业等重要行业和领域的，以及其他 一旦遭到破坏、丧失功能或者数据泄露，可能严重危害国 家安全、国计民生、公共利益的重要网络设施、信息系统 等。Article2ForthepurposesofthisRegulation,4tCI,meansanyofnetworkfacilitiesandinformationsystemsinimportantindustriesandfieldssuchaspubliccommunicationandinformationservices,energy,transportation,waterconservancy,finance,publicservices,e-govemment,andscience,technologyandindustryfornationaldefensethatmayseriouslyendangernationalsecurity,nationaleconomyandpeople'slivelihood,andpublicinterestsintheeventthattheyaredamagedorlosetheirfunctionsortheirdataareleaked.第三条在国家网信部门统筹协调下，国务院公安 部门负责指导监督关键信息基础设施安全保护工作。国务 院电信主管部门和其他有关部门依照本条例和有关法律、 行政法规的规定，在各自职责范围内负责关键信息基础设 施安全保护和监督管理工作。Article3Undertheoverallcoordinationofthenationalcyberspaceadministration,thepublicsecuritydepartmentundertheStateCouncilshallberesponsibleforguidingandsupervisingtheCilsecurityprotection.ThetelecommunicationsdepartmentandotherrelevantdepartmentsundertheStateCouncilshallberesponsibleforthesecurityprotection,supervision,andadministrationinrespectofCIIwithintheirrespectiveresponsibilitiesinaccordancewiththeprovisionsofthisRegulationandrelevantlawsandadministrativeregulations.省级人民政府有关部门依据各自职责对关键信息基础设施 实施安全保护和监督管理。Therelevantdepartmentsoftheprovincialpeople,sgovernmentshallimplementsecurityprotection,supervision,andadministrationinrespectofCIIaccordingtotheirrespectiveresponsibilities.Article4TheCIIsecurityprotectionshalladheretooverallcoordination,divisionofresponsibilities,andlaw-basedprotection.CIIoperators(hereinafterreferredtoasuCIIOm)shallberequiredtoassumeprimaryresponsibilities,andtheroleofthepeople'sgovernmentsandnon-govemmentsectorsshallbefullyleveraged,soastojointlyprotecttheCIIsecurity.Article5TheslateshallgiveprioritytotheprotectionofCIIspecificallybytakingmeasurestomonitor,defendagainst,andhandlecybersecurityrisksandthreatsoriginatinginsideandoutsidethePeople'sRepublicofChinasoastoprotecttheCIIfromattack,intrusion,interference,andsabotage,andpunishinginaccordancewiththelawillegalandcriminalactivitiesendangeringtheCllsecurity.Noindividualororganizationmayengageinanyactivityofillegallyhackinginto,interferingwith,ordamaginganyCIIorendangertheCIIsecurity.Article6ACIIOshall,inaccordancewiththeprovisionsofthisRegulation,applicablelaws,andadministrativeregulations,aswellasthemandatoryrequirementsofnationalstandards,andonthebasisoftheclassifiedcybersecurityprotection,taketechnicalprotectionandothernecessarymeasurestocopewithcybersecurityevents,guardagainstcyber-attacksandillegalandcriminalactivities,ensurethesafeandstableoperationoftheCU,andmaintaindataintegrity,confidentiality,andavailability.第四条关键信息基础设施安全保护坚持综合协调、分工负责、依法保护，强化和落实关键信息基础设施运营者（以下简称运营者）主体责任，充分发挥政府及社会各方面的作用，共同保护关键信息基础设施安全。第五条国家对关键信息基础设施实行重点保护，采取措施，监测、防御、处置来源于中华人民共和国境内外的网络安全风险和威胁，保护关键信息基础设施免受攻击、侵入、干扰和破坏，依法惩治危害关键信息基础设施安全的违法犯罪活动。任何个人和组织不得实施非法侵入、干扰、破坏关键信息基础设施的活动，不得危害关键信息基础设施安全。第六条运营者依照本条例和有关法律、行政法规的规定以及国家标准的强制性要求，在网络安全等级保护的基础上，采取技术保护措施和其他必要措施，应对网络安全事件，防范网络攻击和违法犯罪活动，保障关键信息基础设施安全稳定运行，维护数据的完整性、保密性和可用性。Article7EntitiesandindividualsthathavemadeoutstandingachievementsorcontributionsintheCIIsecurityprotectionshallbecommendedinaccordancewiththerelevantprovisionsofthestate.ChapterIIThedeterminationofCIIArticle 8 ThecompetentauthoritiesandsupervisionandadministrationdepartmentsofimportantindustriesandfieldssetforthinArticle2ofthisRegulationarethedepartmentsresponsiblefortheCIIsecurityprotection(hereinafterreferredtoastheprotectiondepartments").Article 9 TheprotectiondepartmentshalldeveloptherulesforthedeterminationofCIIaccordingtotheactualconditionsoftheindustryandfieldconcerned,andfilethemwiththepublicsecuritydepartmentundertheStateCouncil.IndevelopingtherulesforthedeterminationofCU,thefollowingfactorsshallbetakenintoaccount:(1) Theimportanceof,amongothers,networkfacilitiesandinformationsystemstokeycorebusinessesinthein