The Internet Information Office issued the “Network Data Security Risk Assessment Measures”. Among them, it is pointed out that when relevant departments discover network data processing activities that may endanger national security or public interest during organizational risk assessment work, they should order network data processors to carry out rectification; network data processors that are not in place or refuse to rectify can take measures such as requiring them to stop processing important data. Where Internet information departments and relevant departments at or above the provincial level discover that network data processors have not carried out risk assessments in accordance with regulations, they shall deal with and punish them in accordance with the “Data Security Law of the People's Republic of China” and other laws and regulations. If it is discovered that an evaluation agency carries out a risk assessment in violation of these Measures, the Internet information department or relevant department at or above the provincial level shall order it to carry out rectification; if the circumstances are serious, they may restrict or prohibit them from carrying out risk assessment activities, hold the relevant personnel responsible, and publish them; if it constitutes a crime, criminal liability shall be prosecuted in accordance with law.

The Internet Information Office issued the “Network Data Security Risk Assessment Measures”. Among them, it is pointed out that when relevant departments discover network data processing activities that may endanger national security or public interest during organizational risk assessment work, they should order network data processors to carry out rectification; network data processors that are not in place or refuse to rectify can take measures such as requiring them to stop processing important data. Where Internet information departments and relevant departments at or above the provincial level discover that network data processors have not carried out risk assessments in accordance with regulations, they shall deal with and punish them in accordance with the “Data Security Law of the People's Republic of China” and other laws and regulations. If it is discovered that an evaluation agency carries out a risk assessment in violation of these Measures, the Internet information department or relevant department at or above the provincial level shall order it to carry out rectification; if the circumstances are serious, they may restrict or prohibit them from carrying out risk assessment activities, hold the relevant personnel responsible, and publish them; if it constitutes a crime, criminal liability shall be prosecuted in accordance with law.