MIIT notice on Cleaning Up and Regulating the Internet Access Service Market

ALL TRANSLATIONS ON THIS SITE ARE UNOFFICIAL AND ARE PROVIDED FOR REFERENCE PURPOSES ONLY. THESE TRANSLATIONS ARE CREATED AND CONTINUOUSLY UPDATED BY USERS --THEY ARE FREE TO VIEW, BUT PROPER ATTRIBUTION IS REQUIRED FOR DISTRIBUTION OF THESE OR DERIVATIVE TRANSLATIONS.
Issuing Organ:Ministry of Industry and Information Technology
Title:MIIT notice on Cleaning Up and Regulating the Internet Access Service Market
Release Number:MIIT Telecom. Dept. Doc. No. [2017] 32
Document date:2017-01-17
Release date:2017-01-22
Source:http://www.miit.gov.cn/n1146285/n1146352/n3054355/n3057709/n4704651/c5471876/content.html
MIIT Telecom. Dept. Doc. No. [2017] 32

To the communication administration bureaus of all provinces, autonomous regions and directly governed municipalities; to the China Academy of Information and Communications Technology; the China Telecommunications Corporation; China Mobile Communications Corporation; China United Network Communications Group Co., Ltd.; China Radio and Television Network Co., Ltd.; CITIC Networks Co., Ltd.; and to all operators of Internet data centers, operators of Internet access services, and operators of content distribution networks:

In recent years, network information technology has been rapidly changing, and development of applications in areas such as cloud computing and big data is thriving, and China's Internet access service market is facing rare opportunities for development, but signs of disorderly development are also emerging, urgently requiring rectification and regulation. In order to further regulate market order, strengthen online information security management, and promote the healthy and orderly development of the Internet sector, the Ministry of Industry and Information Technology has decided to carry out nationwide efforts to cleanup and regulate the Internet access service market from now until March 31, 2018. Notice on the relevant matters is given as follows:

I. Goals

To investigate and penalize illegal activities in the Internet datacenter (IDC), Internet access service (ISP) and content distribution network (CDN) markets, including business without permit, business beyond permitted scope, layer-by-layer subletting, etc.; to strengthen the management of business permits and access resources, and harden the management of cybersecurity; to maintain a fair and orderly market, and promote the healthy development of the sector.

II. Focuses of Work

(I) Strengthening qualification management, investigating and penalizing illegal businesses

1. All communications administration bureaus are to perform background investigations on enterprises providing IDC, ISP and CDN businesses within their jurisdiction, so as to eliminate following illegal business activities:

(1) Businesses without permits, i. e. enterprises, without having acquired the corresponding telecommunication business permits, conducting unauthorized IDC, ISP and CDN businesses in the jurisdiction.

(2) Business beyond geographical scope, i. e. enterprises holding corresponding telecommunication business permits that geographically does not cover the jurisdiction in question, nonetheless deploying IDCs and servers, and conducting ISP services.

(3) Business beyond business scope, i. e. enterprises holding certain telecommunication business permits, but conducting IDC, ISP and CDN services that go beyond the kinds of businesses specified in the permits.

(4) Subletting or transferring business permits, i. e. enterprises holding corresponding telecommunication business permits, using the notion of technical cooperation or something similar, providing qualifications or resources against regulation to enterprises without permits to conduct illegal telecommunication businesses.

2. Enterprises that have held IDC permits prior to the enactment of the Catalog of Telecommunication Businesses (Version 2015), in case they have started conducting Internet resource sharing (cloud computing) service or CDN businesses, should issue written assurance to the original permit issuing authority about fulfilling the requirements for the corresponding permits before the end of 2017, and acquire the corresponding telecommunication business permits no later than 31 March 2017.

Those who have not issued assurance in time, should, starting 1 April 2017, conduct business activities strictly within the business scope specified in their business permits, and must not conduct unpermitted business. Those who have not acquired the corresponding telecommunication business permits in time, as assured, must, starting 1 January 2018, no longer conduct the corresponding businesses.

(II) Hardening resource management, eliminating irregular usage

All enterprises providing basic telecommunication services and Internet access services are to comprehensively self-investigate their basic network infrastructure, as well as the usage of network access resources such as IP addresses and network bandwidth, so as to rectify the following issues:

1. Insufficient management of network access resources. All enterprises providing basic telecommunication services should strengthen the management of network channel resources, strictly inspect the qualifications of and the intended use by the leasing party, and must not provide basic network infrastructure for conducting IDC, ISP and CDN businesses, or network access resources such as IP addresses and network bandwidth, to enterprises and individuals with no corresponding telecommunication business permits.

2. Self-creation or usage of illegal resources against regulations. Enterprises providing IDC, ISP and CDN services must not create telecommunication equipment on their own, and must not use basic network infrastructure and network access resources such as IP addresses and network bandwidth that are provided by institutions or individuals who do not have the corresponding telecommunication business permits.

3. Layer-by-layer subletting. Enterprises providing IDC and ISP services must not sublet network access resources they has acquired, such as IP addresses and network bandwidth, to other enterprises to be used to conduct IDC and ISP services by themselves.

4. Conducting cross-border operations against regulations. Without approval by the telecommunication management departments, one must not create on his own accord, or hire, dedicated lines (including virtual private networks VPNs) or other information channels to conduct cross-border business activities. Basic telecommunication enterprises leasing dedicated international lines to users, should create a centralized user archive, and make clear to the users that the terms of use of those lines are limited to internal office use, and that the lines must not be used to connect to domestic or overseas datacenters or operations platforms to conduct telecommunication operations business activities.

(III) Implementing relevant ordinances, consolidating ground for management

Requirements specified in the "Notification by the Ministry of Industry and Information Technology on Further Standardizing the Market Entry Permit Process for Internet Datacenter (IDC) and Internet Access Service (ISP) Businesses" (MIIT Infocom. Dept. Doc. No. [2012] 552, herein after "The Notification") regarding funds, employees, sites, equipment, technical solutions and information security management are to be implemented, and management of the complete process before, during and after events are to be strengthened.

1. Enterprises that have acquired IDC and ISP permits prior to 1 December 2012 should, in reference to the requirements specified in The Notification regarding funds, employees, sites, equipment, technical solutions and information security management, create relevant systems, pass reviews and tests, and wrap-up the system docking process.

Enterprise who do not yet meet the requirements should issue written assurance to the original permit issuing authority about fulfilling the requirements before the end of 2017, pass reviews and tests, and wrap-up the system docking process no later than 31 March 2017. Those who have not issued assurance in time, and those who have not passed reviews and tests, and wrapped-up the system docking process in time, as assured, should be urged by the communications administration bureaus to rectify.

Specifically, all relevant enterprises should wrap-up the creation, reviews and tests, and system docking process of their cybersecurity management system, in accordance with the "Notice on Doing Good Work to Create and Dock Cybersecuriy Management Systems", the "Letter to Report the Situation of Docking the Cybersecurity Management Systems of Value-Added IDC and ISP Enterprises in the Country", and the "Regulation on Using and Operating Cybersecurity Management Systems (Trial)" (MIIT General Office Cybersec. Doc. No. [2016] 135). Enterprises who have not fulfilled the requirement in time will not pass the annual test for their telecommunication business permits.

2. Enterprises applying for new IDC (including cloud computing) business permit need to create a record system for Internet content providers (ICP), IP addresses, and domain names, a management platform for network access resources and a cybersecurity management system; implement requirements on IDC operational security and information security, and pass relevant reviews and tests.

3. Enterprises applying for new CDN business permit need to create a record system for Internet content providers (ICP), IP addresses, and domain names, a management platform for network access resources and a cybersecurity management system; implement requirements on information security, and pass relevant reviews and tests.

4. Enterprises holding existing IDC permit who apply for extending their scope of business, or adding new server rooms and operation stations within their existing scope of business, need to fulfill the requirements specified in The Notification regarding IDC operational security and information security, and pass relevant reviews and tests.

5. Enterprises holding existing ISP (including website hosting) permit who apply for extending their scope of business, need to fulfill the requirements specified in The Notification regarding information security, and pass relevant reviews and tests.

6. Enterprises holding existing CDN permits who apply for extending their scope of business, or adding new bandwidth and operation stations within their existing scope of business, need to fulfill the requirements specified in The Notification regarding information security, and pass relevant reviews and tests.

III. Safeguard Measures

(I) Providing policy communication and guidance, performing consultation services

各通信管理局要利用各种方式做好政策宣贯和解读工作,公布电话受理相关举报和解答企业问题咨询,引导企业按照要求合法开展经营活动。 中国信息通信研究院要做好相关评测支撑工作,协助部和各通信管理局做好政策宣贯、举报受理、企业问题解答等工作。

(II) Initiating comprehensive self-inspection, cleaning up and rectifying on one's own initiative

各基础电信企业集团公司要组织下属企业全面自查,统一业务规程和相关要求,从合同约束、用途复查、违规问责等全流程加强规范管理,严防各类接入资源违规使用;对存在问题的要立即予以改正,并追究相关负责人责任。

各IDC、ISP、CDN企业要落实主体责任,按照本通知要求全面自查清理,及时纠正各类违规行为,确保经营资质合法合规,网络设施和线路资源使用规范,加强各项管理系统建设并通过评测。

(III) Strengthening supervision and inspection, strictly investigating irregular activities

各通信管理局加强对企业落实情况的监督检查,发现违规问题要督促企业及时整改,对拒不整改的企业要依法严肃查处;情节严重的,应在年检工作中认定为年检不合格,将其行为依法列入企业不良信用记录,经营许可证到期时依法不予续期,并且基础电信企业在与其开展合作、提供接入服务时应当重点考虑其信用记录。 The department will combine situations such as petitions, reports, and public opinion feedback, to organize and carry out supervision sampling at appropriate times.

(IV) Improving exit mechanisms, performing wrap-up work

对未达到相关许可要求或被列入因存在违规行为被列入不良信用记录的企业,不得继续发展新用户。 发证机关督促相关企业在此期间按照《电信业务经营许可管理办法》有关规定做好用户善后工作。 向发证机关提交经营许可证注销申请的,发证机关应依法注销该企业的IDC、ISP经营许可证。

(V) Improving credit management, strengthening personnel training

Actively give play to third party organization advantages, study the establishment of IDC/ISP/CDN enterprise credit appraisal mechanisms, and starting with comprehensive, multi-faceted evaluation of infrastructure, service quality, capacity of network and information security safeguards, and forth, to lead enterprises to emphasize their credit status, improve the construction of management systems, and regulate market business conduct. All communications administration bureaus should strengthen technical training of relevant industry personnel, continuously raising the professional competence and capacity of industry personnel.

IV. Work Requirements

(I) Heightening awareness, strengthening organizational leadership

开展互联网网络接入服务市场规范清理工作是加强互联网行业管理和基础管理的重要内容,对夯实管理基础、促进行业健康有序发展具有重要意义。 各相关单位要指定相关领导牵头负责,加强组织保障,抓好贯彻落实。

(II) Dividing work and cooperating with each other, implementing each one's responsibilities

Each Communications Administration Bureau, basic telecommunications operations companies, and Internet network access service enterprises, are to implement the responsibility, and on the basis the requirements of this Notification draft a work plan, clarifying tasks and the division of labor, work schedules and responsibility; specifying work with responsibility reaching the individual, to ensure that all tasks of this effort on cleaning up and standardization are completed on time.

(III) Strengthening communication, regularly delivering summaries and reports

Each Communications Administration Bureau, all basic telecommunications business group to strengthen communication and cooperation, sum up experience, to the end of each quarter section (Information and Communication Authority) submitted to the work progress, major problems at any Ministry reported. Departments (Information Communications Administration Bureaus) are to establish a reporting system, and periodically announce progress in the standardization and cleaning-up

Ministry of Industry and Information Technology

1/17/2017

 

Tip Us!

1 Comment

  1. To clarify between 电信主管部门 and 通信管理局 I have changed the latter to Communications Administration Bureaus- the translation they use themselves. Suggest that telecommunications be reserved for 电信, 通信 being broader.

1 Trackback / Pingback

  1. The Sinocism China Newsletter 01.24.17-TPP Officially Dead, White House Reiterates Tough Talk About South China Sea, Lunar New Year Starts This Week | The Sinocism China Newsletter

Leave a Reply

Your email address will not be published.


*