The General Office of the Ministry of Industry and Information Technology ("MIIT") has recently distributed the Circular on Launching the 2018 Program of Checking the Cyber Security in the Telecommunications and Internet Industries (the "Circular").
According to the Circular, what to be inspected are the networks and systems developed and operated by basic telecommunications enterprises, internet-based enterprises, domain name registries and domain name registrars, which have legally obtained the business permits from the competent telecommunications authority. The inspection will focus on particularly major internet of things platforms, online car-hailing information service platforms and internet of vehicles information service platforms in the telecommunications and internet industries, such as network infrastructure, collection of user information and network data, stores of mobile applications, public cloud service platforms and public video monitoring cameras. In addition, the Circular states that major attention shall be paid to looking into efforts of network operators in implementing such laws and regulations as the Cyber Security Law, the Administrative Measures for the Protection of Communications Network Security and the Provisions on the Protection of Personal Information of Telecommunications and Internet Users, their compliance with serial standards on the protective system for telecommunications and internet security, possible weak passwords, medium and high priority security vulnerabilities, and other hidden cyber security risks.