China's proposed cryptographic law clarifies that no organization or individual may steal other people's encrypted information.

Zhongxin.com Beijing June 25 (Liang Xiaohui Huang Yiqin) The draft cryptography method was submitted to the 13th National People's Congress Standing Committee for deliberation on the 25th. The draft clarifies that no organization or individual may steal other people's encrypted information, illegally invade other people's password protection system, or use passwords to engage in activities that endanger national security, social public interests, and the legitimate rights and interests of others or other illegal criminal activities.

The password in the draft cryptography refers to products, technologies, and services that use a specific transformation to encrypt or securely authenticate information. There are two main functions of a password: one is encryption protection and the other is security authentication.

The draft cryptographic method is divided into general rules, core passwords, ordinary passwords, commercial passwords, legal liabilities, and five chapters and forty-four.

As a comprehensive and basic law in the field of cryptography, there are three principles in the cryptography legislative process: First, the principle of classified management of core ciphers, ordinary ciphers and commercial ciphers is clearly defined. The second is to pay attention to the balance between the need for functional transformation and the need for “distribution of services” and the protection of national security. The third is to pay attention to the relationship between the draft and the cybersecurity law, the conservative state secret law and other related laws.

Regarding the leadership and management system of password work, the draft is clear: adhere to the leadership of the Communist Party of China on password work; the central password work leading body implements unified leadership of the national password work, formulates major guidelines and policies for national passwords, and coordinates and coordinates major issues and important tasks of the national password. Promote the construction of the national password rule of law. The national password management department is responsible for the management of password work throughout the country; the local password management departments at or above the county level are responsible for managing the password work in their administrative areas; the state organs and the units involved in the password are responsible for their own organs, their own units or the system within their scope of responsibility. The password works.

Regarding the classification management principle of passwords, the draft clearly stipulates that passwords are divided into core passwords, ordinary passwords, and commercial passwords, and classification management is implemented. Correspondingly, the draft proposes the principle of password classification protection: the core password and the ordinary password are used to protect the state secret information. The highest level of the core password protection information is the top secret level, and the highest level of the ordinary password protection information is the secret level; the core password, The ordinary password belongs to the state secret, and the password management department implements strict and unified management according to law. Commercial passwords are used to protect information that is not a state secret; citizens, legal persons, and other organizations can use commercial passwords to protect networks and information security.

In addition, the draft also stipulates corresponding legal responsibilities. (Finish)

Source: China News Network

Author: Liang Xiaohui Huang Yu Chin