On May 24^th, the National Network Information Office released its Draft Network Security Investigation Measures (the “Draft”) for public consultation. The Draft states that when procurement activities are reported for network security investigation, business operators should use procurement documents, contracts, or other binding methods to request providers of products and services to comply with the network security investigation. Both parties should agree that the contract takes effect only after the procurement activity has passed the network security investigation.

According to the Draft, network security investigation should place emphasis on assessment of possible national security risks that procurement activities may bring. The seven main factors to be considered include: influences on the continuous, safe and stable operation of key informational infrastructure; probability of causing significant leakage, loss, destruction or border exit of personal information and important data; the controllability and transparency of products and services and safety of the supply train, etc.

Source: National Network Information Office