The Office of the Central Cyberspace Affairs Commission and three other departments have recently released the Administrative Provisions on the Security of Internet Government Service Applications (the "Provisions"), with effect from July 1, 2024.
According to the Provisions, the development and operation of internet government service applications shall comply with the provisions of relevant laws, administrative regulations and the mandatory requirements of national standards; technical measures and other necessary measures shall be adopted to prevent such risks as content falsification, breakdown caused by attacks, and data theft, and ensure the safe and stable operation of internet government service applications, as well as data security. The Provisions clarify that a Party and government organ can open at most one portal website. The title of the real entity or its standard abbreviation shall be used preferably as the title of the internet government service application. If other titles are to be used, in principle, the naming method of region plus function shall be adopted, and the title of the real entity shall be marked in a prominent position. The Provisions also stipulate that government bodies and public institutions shall adopt security and confidentiality prevention and control measures, strictly prohibit the release of state secrets and work secrets, and prevent the risk of secret breach caused by the data aggregation and correlation in internet government service applications. Confidentiality management regarding the storage, processing, and transmission in internet government service applications shall also be strengthened.