Internet Domain Name Management Measures

ALL TRANSLATIONS ON THIS SITE ARE UNOFFICIAL AND ARE PROVIDED FOR REFERENCE PURPOSES ONLY. THESE TRANSLATIONS ARE CREATED AND CONTINUOUSLY UPDATED BY USERS --THEY ARE FREE TO VIEW, BUT PROPER ATTRIBUTION IS REQUIRED FOR DISTRIBUTION OF THESE OR DERIVATIVE TRANSLATIONS.
Title: Internet Domain Name Management Measures

Promulgating Entities:Ministry of Industry and Information Technology
Reference number: 工信部令第43号
Promulgation Date: 2017-8-24
Expiration date: 
Source of text: http://www.miit.gov.cn/n1146295/n1146557/n1146624/c5778555/content.html

 

Chapter I: General Provisions

Article 1: These Measures are formulated on the basis of the “Administrative Licensing Law of the People’s Republic of China” and the “State Council Decision concerning Establishing Administrative Licensing for Administrative Examination and Approval Matters that Need to Be Preserved” and other such provisions, and with reference to international Internet domain name management norms; so as to standardize Internet domain name services, protect users’ lawful rights and interests, guarantee the security and reliable operation of the Internet domain name system, promote the development and application of Chinese-language domain names and national top-level domains, and stimulate the healthy development of China’s Internet.

Article 2: Engagement in internet domain name services and related activities such as their operation, maintenance, supervision, and management, within the mainland territory of the People's Republic of China shall comply with these Measures.

"Internet domain name services" (hereafter simply named "domain name services") as used in these Measures refers to activities including domain name root server operations and management, top-level domain name operations and management, domain name registration, domain name resolution, etc.

Article 3: The Ministry of Industry and Information Technology carries out supervision and management over domain name services nationwide, its main tasks are:

(1) formulating Internet domain name management rules and policies;

(2) formulating an internet domain name system, and plan for developing domain name resources;

(3) managing domestic domain name root server-running bodies and domain name registration and management bodies;

(4) being responsible for the network and information security management of the domain name system;

(5) protecting users’ personal information and lawful rights and interests according to the law;

(6) being responsible for international coordination concerning domain names;

(7) managing domestic domain name resolution services;

(8) managing other activities concerning domain name services.

Article 4: All provincial, autonomous region and municipal telecommunications management bureaus are to carry out supervision and management of domain name services within their own administrative areas, their main tasks are:

(1) Implementing and enforcing domain name management laws, administrative regulations, rules and policies;

(2) managing domain name registration service bodies within their administrative areas;

(3) assisting the Ministry of Industry and Information Technology in conducting management over domain name root server-running bodies and domain name registration and management bodies within their administrative areas;

(4) being responsible for network and information security management of the domain name system within their administrative area;)

(5) protecting users’ personal information and lawful rights and interests according to the law;

(6) managing domain name resolution services within their administrative areas;

(7) managing other activities concerning domain name services within their administrative areas.

Article 5: China's Internet domain name system is announced by the Ministry of Industry and Information. On the basis of the real situation of domain name development, the Ministry of Industry and Information Technology may regulate China's Internet domain name system.

Article 6: “.cn” and “.中国” are China’s national top-level domains.

Chinese language domain names are an important component part of the Internet domain name system. The State encourages and supports technological research and expanding the application of the Chinese-language domain name system.

Article 7: The provision of domain name services shall abide by relevant State laws and regulations, and conform to corresponding technological norms and standards.

Article 8: The safe and stable operation of the Internet domain name system must not be obstructed by any organization or individual.

Chapter II: Domain Name Management

Article 9: For the domestic (mainland) establishment of a domain name root server or domain name root server-running body, a domain name registration management body or a domain name registration service body, permission from the Ministry of Industry and Information Technology or provincial, autonomous region or municipal telecommunications management departments (hereafter jointly referred to as "telecommunications management bodies") shall be obtained in accordance with these Measures.

Article 10: Those applying to establish a domain name root server or domain name root server-running body, shall meet the following conditions:

(1) the domain name root server is to be set up within the borders, and shall conform to corresponding Internet development plans and the requirements of the safe and stable operation of the domain name system;

(2) be lawfully established legal persons , with the said legal person and their main investors, and main operational and management personnel, having good credit records;

(3) having the premises, finance, environment, specialist personnel and technological capability to guarantee the safe and reliable operation of the root server, as well as information management systems conform to telecommunications management body requirements;

(4) having complete network and information security management measures, including management personnel, network and information security management structures, emergency response processing plans and corresponding technological and management measures;

(5) having the capability to protect users’ personal information, the capability to provide long-term services and complete service withdrawal mechanisms;

(6) other requirements provided by laws and administrative regulations.

Article 11: Those applying to establish a domain name registration and management body shall meet the following conditions:

(1) the domain name management system is to be set up within the mainland territory, and the top-level domain names are to conform to relevant laws and regulations as well as the requirements of the safe and stable operation of the domain name system;

(2) be lawfully established legal persons , with the said legal person and their main investors, and main operational and management personnel, having good credit records;

(3) having perfect professional development plans and technological plans, as well as premises, finance and specialist personnel suited to engaging in top-level domain name operations and management, as well as information management systems conforming to telecommunications management body requirements;

(4) having complete network and information security management measures, including management personnel, network and information security management structures, emergency response processing plans and corresponding technological and management measures;

(5) having the capability to engage in real identity information verification and users’ personal information protection, the capability to provide long-term services and complete service withdrawal mechanism;

(6) having complete domain name registration service management structures and supervision mechanisms for domain name registration service bodies;

(7) other requirements provided for by laws and administrative regulations.

Article 12: Those applying to establish a domain name registration service body shall meet the following conditions:

(1) to set up the mainland domain name registration service system, registered database and the corresponding domain name resolution system within the mainland territory;

(2) be lawfully established legal persons , with the said legal person and their main investors, and main operational and management personnel, having good credit records;

(3) having premises, finance and specialist personnel suited to engaging in domain name registration services, as well as information management systems conform to telecommunications management body requirements;

(4) having the capability to engage in real identity information verification and users’ personal information protection, the capability to provide long-term services and complete service withdrawal mechanism;

(5) having complete domain name registration service management structures and supervision mechanisms for domain name registration agency bodies;

(6) having complete network and information security protection measures, including management personnel, network and information security management structures, emergency response processing plans and corresponding technological and management measures.

(7) other requirements provided for by laws and administrative regulations.

Article 13: Those applying to establish a domain name root server and root server-running body, or domain name registration management body shall submit application materials to the Ministry of Industry and Information Technology. Those applying to establish a domain name registration service body shall submit application materials to the local provincial, autonomous region or municipal telecommunications management department.

The application materials shall include:

(1) The basic information of the applying unit and a letter of commitment, signed by the legally-designated representative, to do business sincerely and according to the law.

(2) certification materials for the effective management of domain name services, including certification materials for relevant systems and premises, as well as service capabilities, management structures as well as agreements concluded with other bodies;

(3) network and information security protection structures and measures;

(4) materials proving the reputation of the applying unit.

Article 14: Where application materials are complete and conform to the statutory form, telecommunications management bodies shall send a letter confirming receipt of the application to the applying work unit; where the application materials are not complete or do not conform to statutory form, telecommunications management bodies shall on the spot or within five working days notify the applying work unit once about the complete content that needs to be supplemented; to those not accepted, a notification letter of non-acceptance will be sent and the reasons explained.

Article 15: Telecommunications management bodies shall complete examination within 20 working days of receiving the application, and make a decision on granting or not granting permission. Where a decision cannot be reached within 20 working days, with the permission of the telecommunications management body, the period may be extended by 10 working days, and the reason for the extension is to be notified to the applying work unit. Where it is necessary to organize expert elucidation, the time of that elucidation is not calculated within the examination time.

To those granted permission, corresponding licensing documents shall be sent; where permission is not granted, the applying work unit shall be notified in writing and the reasons explained.

Article 16: Licences for domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies have a period of validity of five years.

Article 17: Where a change occurs in the name, address, legally-designated representative or other such information of domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies, they shall carry out modification formalities with the original licence-issuing body within 20 days.

Article 18: Where domain name root server-running bodies, domain name registration management bodies or domain name registration service bodies intend to terminate corresponding services within the licence’s period, they shall notify users in writing 30 days in advance, put forward feasible plans to deal with the aftermath, and submit a written application to the original licence-issuing body.

After the organ that originally issued the license receives an application, it shall make a public announcement for 30 days. The organ that originally issued the license shall complete review and make a decision within 60 days of the end of the public announcement.

Article 19: Where the period of validity of a licence is expiring, and it is necessary to continue to engage in domain name services, [applicants] shall apply for an extension within 90 days in advance, with the original licence-issuing body; where domain name services will not be continued, it shall be reported within 90 days in advance to the original licence-issuing body, and aftermath work shall be completed.

Article 20: Where domain name registration service bodies entrust domain name registration agency bodies with conducting market retail and other such work, they shall supervise and manage the work of the said domain name registration agency bodies.

In the process of work such being commissioned to carry out market sales, domain name registration agency bodies shall actively indicate their agency relationship, and indicate the name of and agency relationship with the corresponding domain name registration service bodies in the domain name registration service contract.

Article 21: Domain name registration management bodies and domain name registration service bodies shall establish corresponding emergency response back-up systems and regularly back up domain name management databases.

Article 22: Domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall, in a clear position on the front page of their websites and in their business premises, indicate their licencing information. Domain name registration management bodies shall also indicate a name list of the domain name registration service bodies with which they cooperate.

Domain name registration agency bodies shall indicate the name of the domain name registration service body they represent in a clear position on the front page of their website and their business premises.

Chapter III: Domain name services

Article 23: Domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall provide secure, convenient and stable services to users.

Article 24: Domain name registration management bodies shall, on the basis of these Measures, formulate domain name registration implementation rules and publish them to society.

Article 25: Domain name registration management bodies shall carry out domain name registration services through domain name registration service bodies approved by telecommunications management bodies.

Domain name registration service bodies shall provide services according to the telecommunications management body's licenced domain name registration service items, and may not provide domain name registration services for domain name registration management bodies that have not been licenced by the telecommunications management body.

Article 26: In principle, “the first to apply is the first to register” in domain name registration services, where implementation regulations for corresponding top-level domain mane registration provide otherwise, those provisions are to be followed.

Article 27: In order to safeguard the national interest and the interests of the social public, domain name registration management bodies shall establish a reserved domain name registration character structure.

Article 28: The following content must not be included in domain names registered or used by any organization or individual:

(1) content violating the basic principles determined in the Constitution;

(2) content endangering national security, divulging State secrets, subverting the national regime, and destroying national unity;

(3) content harming the nation's honor and interests;

(4) content inciting ethnic hatred or ethnic discrimination, or destroying ethnic unity;

(5) content destroying State religious policies or propagating heresy and feudal superstition;

(6) content disseminating rumors, upsetting social order or destroying social stability;

(7) content disseminating obscenity, sex, gambling, violence, murder, terror or instigating crime;

(8) content insulting or defaming others, or harming others’ lawful rights and interests;

(9) other content prohibited by laws or administrative regulations.

Domain name registration management and registration service bodies must not provide services to any organization or individual with domain names containing the content listed in the preceding paragraphs.

Article 29: Domain name registration service bodies may not adopt fraudulent, coercive or other such improper means to demand other persons to register domain names.

Article 30: Domain name registration service bodies providing registration services shall demand that domain name registration applicants provide true, accurate and complete identity information of the domain name holder and other such domain name registration information.

Domain name registration management bodies and domain name registration service bodies shall examine the veracity and completeness of domain name registration information.

Where the domain name registration information provided by applicants for domain names is not accurate or is incomplete, the domain registration management services bodies shall request that they supplement and correct it. Where applicants do not correct this or provide inaccurate domain name registration information, domain name registration service bodies may not provide domain name services to them.

Article 31: Domain name registration service bodies shall make public the content, time limits and fees of domain name registration services, ensure service quality, and provide public inquiry services for domain name registration information.

Article 32: Domain name registration management bodies and service bodies shall store and protect users' personal information in accordance with law. And they must not give users' personal information to others without the users' consent except as otherwise provided by laws, administrative regulations.

Article 33: Where changes occurs to domain name holders’ contact method and other such information, they shall carry out domain name registration information modification formalities with the domain name registration service body within 30 days.

Where domain name holders transfer a domain name to another person, the transferree shall abide by the corresponding domain name registration requirements.

Article 34: Domain name holders have the right to select or change domain name registration service bodies. Where they change of domain name registration service body, the former domain name registration service body shall cooperate with the domain name holder to transfer their corresponding domain name registration information.

Domain name registration service bodies must not impede domain name holders from changing domain name registration service body, without legitimate reason.

Domain names that the Telecommunications management bodies have lawfully requested not be resolved must not change domain name registration bodies.

Article 35: Domain name registration management bodies and domain name registration service bodies shall establish complaints acceptance mechanisms, and announce complaints acceptance methods in a clear location on the front page of their website and their business premises.

Domain name registration management bodies and domain name registration service bodies shall timely deal with complaints; where it is impossible to deal with them in a timely manner, they shall explain the reason and the processing time.

Article 36: Provision of domain name resolution shall comply with the relevant laws, regulations, and standards; shall have relevant technical, services and network and information security safeguard capacities; shall put in place network and information safeguard measures; shall record and store domain name resolution logs, preservation logs, and modification logs; and shall ensure the quality of resolution and the security of the resolution system. Where business telecommunication operations are involved, telecommunications operations business licenses shall be obtained in accordance with law.

Article 37: In the provision of domain name resolution services, resolution information may not be distorted without authorization. .

Domain name resolution must not be maliciously redirected towards other persons' IP addresses by any organization or individual.

Article 38: Provision of domain name resolution services must not provide redirection services for domains that have any of the content provided for in paragraph 1 of article 28 of these Measures.

Article 39:The domain names of those engaging in internet information services shall meet the requirements of laws, regulations, and the relevant provisions of telecommunications management bodies, and must not use the domain name in the commission of illegal acts.

Article 40:Domain name registration management bodies and domain name registration service bodies shall collaborate with relevant State departments in carrying out investigation work according to the law, and employ measures such as stopping resolution of domain names where unlawful activities occur according to the requirements of telecommunications management bodies.

Where domain name management bodies or domain name registration services bodies find that domains they provide services to are publishing or transmitting information that the laws or administrative regulations prohibit the publication and transmission of, they shall immediately employ measures to address it such as deletion or stopping resolution, to prevent the information from spreading, and shall save the relevant records and report to the relevant departments.

Article 41: Domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall respect relevant State laws and regulations, and standards; shall, implement network and information security protection measures, allocate the necessary network telecommunications emergency response equipment,and establish and complete network and information security monitoring technology measures and emergency response structures. When network or information security incidents occur in domain name systems, they shall be reported to telecommunications management bodies within 24 hours.

When necessary due to national security or to deal with emergency incidents, domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall obey the unified command and coordination of telecommunications management bodies, and respect the management requirements of telecommunications management bodies.

Article 42: Where any organization or individual finds that domain names used or registered by others violate their lawful rights and interests, they may apply for arbitration to the domain name controversy resolution body, or raise a lawsuit in the people's courts.

Article 43: Where already registered domain names have any of the following situations, the domain name registration bodies shall deregister them and inform the domain name holder:

(1) where the domain name holder applies to cancel the domain name;

(2) where the domain name submits false domain name registration information;

(3) where it should be deregistered in accordance with the judgment of a people's court or ruling of a domain name controversy resolution body;

(4) other circumstances where laws or administrative regulations provide for cancellation.

Chapter IV: Oversight and Inspection

Article 44: Telecommunications management bodies shall strengthen supervision and inspection of domain name services. Domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall accept and cooperate with the supervision and inspection by telecommunications management bodies.

The launch of self-disciplinary activities in the domain name sector is encouraged, and the public is encouraged to supervise domain name services.

Article 45:Domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies shall, according to telecommunications management body requirements, regularly report their professional circumstances, operational security circumstances, the state of network and information security implementation, and complaints and disputes circumstances.

Article 46:When telecommunications management bodies carry out supervision and inspection according to the law, they shall examine and verify the materials submitted by domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies, they shall also inspect their enforcement of laws and relevant State and telecommunications management body provisions.

Telecommunications management bodies may entrust third party specialist bodies to carry out supervision and inspection activities.

Article 47:Telecommunications management bodies shall establish credit record structures for domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies, and shall enter their violations of these Measures, as well as the administrative punishment they receive, into the credit file.

Article 48:When telecommunications management bodies carry out supervision and inspection, they may not obstruct the regular operations and service activities of domain name root-server-running bodies, domain name registration management bodies and domain name registration service bodies, they may not accept any fee, and may not divulge the domain name registration information they acquire.

Chapter V: Penalties

Article 49: Where, in violation of the provisions of Article 9 of these Measures, an unauthorized domain name root server or domain name root server-running body, domain name registration management body or domain name registration service body is established without a licence, telecommunications management bodies shall, according to the provision of Article 81 of the “Administrative Licensing Law of the People’s Republic of China”, adopt measures to cease this, and in view of the gravity of the circumstances, impose a fine of 10.000 Yuan or more but less than 30.000 Yuan.

Article 50:Where, in violation of the provisions of these Measures, one of the following circumstances occurs in domain name registration management bodies or domain name registration service bodies, the telecommunications management bodies, on the basis of their powers, order rectification within a limited time, and in view of the gravity of the circumstances, impose a fine of 10.000 Yuan or more but less than 30.000 Yuan, and publish the matter to society:

(1) where unlicensed domain name registration management bodies provide domain name registration services, or where domain name registration services are offered through unlicensed domain name registration service bodies;

(2) where domain name registration services are not provided according to the clauses of the licence;

(3) where the veracity and completeness of domain name registration information is not verified;

(4) where domain name holders are impeded from changing their domain name registration service body without proper reason.

Article 51:Where, in violation of the provisions of these Measures, one of the following acts is committed in the provision of domain name resolution services, telecommunications management bodies order rectification within a limited time, and may, in view of the gravity of the circumstances, additionally impose a fine of 10.000 Yuan or more but less than 30.000 Yuan, and publish the matter to society:

(1) where domain name resolution information is distorted without authorization or domain name resolution is maliciously redirected to another person’s IP address;

(2) Where domain name redirection services are provided for domains that have any of the content provided for in paragraph 1 of article 28 of these Measures;

(3) where network and information security protection measures are not implemented;

(4) Where domain resolution logs, preservation logs, and modification records have not been recorded and stored in accordance with law;

(5) Where a request is not followed to handle a domain with illegal conduct.

Article 52:Where Article 17, Article 18 Paragraph I, Article 21, Article 22, Article 28 paragraph 2, Article 29, Article 31, Article 32, Article 35 Paragraph I, Article 40 Paragraph 2, or Article 41 of these Measures are violated, the telecommunications management body shall, on the basis of its powers, order rectification within a limited time, and may also additionally impose a fine of 10,000 Yuan or more but less than 30,000 Yuan, and publicly announce this.

Article 53:Where laws or administrative regulations have other provisions for fining illegal conduct, follow the relevant laws or administrative regulations for implementation.

Article 54: Where any organization or individual, in violation of the provisions of Article 28 paragraph 1 of these Measures, registers or uses a domain name in a manner constituting a crime, criminal liability will be prosecuted according to the law; where it does not yet constitute a crime, relevant departments will impose punishment according to the law.

Chapter VI: Supplementary Provisions

Article 55: The meanings of the following terms used in these Measures are:

(1) domain name: a hierarchical structural character identifier for identifying and positioning computers on the Internet, corresponding to the IP address of the computer.

(2) Chinese-language domain name: refers to domain names in Chinese language characters.

(3) Top-level domain name: refers to the domain naming at the first level under the root node in the domain name system.

(4) Domain name root server: refers to the server tasked with root node functions in the domain name system (including mirror servers).

(5) Domain name root server-running body: refers to bodies that have obtained permission according to the law, and undertake running, maintaining and management of domain name root servers.

(6) Domain name registration management body: refers to bodies that have obtained permission according to the law, and undertake top-level domain name operations and management work.

(7) Domain name registration service body: refers to bodies that have obtained permission according to the law, which accept domain name registration applications and complete registration of domain names in the top-level domain database.

(8) Domain name registration agency body: refers to bodies that, on entrustment of domain name registration service bodies, accept domain name registration applications and indirectly complete registration of domain names in the top-level domain database.

(9) domain name management system: refers to all principle information systems required by domain name registration management bodies carrying out top-level domain operation and management in the mainland territory; including registration management systems, registration databases, the domain name resolution systems, domain name information query systems, identity information verification systems, and so forth.

(10) Domain name redirection: Refers to visits to a certain domain being forwarded to another domain, IP address, or network information service etc.; that is bound or identified by that domain.

Article 56:The time periods provided in these Measures, except where working days are indicated, refer to natural days.

Article 57:Those with permits to carry out domain name services acquired before these measures take effect shall follow these measures to complete the permit formalities within 12 months of these measures taking effect.

For domain name root server-running bodies, domain name registration management bodies and domain name registration service bodies that had already obtained licences when these Measures took effect, the provisions of Article 16 of these Measures apply to the period of validity of their licences, and the period of validity will be calculated from the date of these Measures taking effect.

Article 58:These Measures will come into force as of November 1, 2017. The 'Measures for the Management of China Internet Domain Names" (Decree No. 30 of the former Ministry of Information and Industry) promulgated on November 5, 2004 are abolished at the same time. Where relevant provisions promulgated before the implementation of these Measures are inconsistent with these Measures, these Measures control.

 

Tip Us!

Be the first to comment

Leave a Reply

Your email address will not be published.


*