Source:http://www.szrd.gov.cn/rdyw/fgcayjzj/content/post_685359.html
Chapter I: General Provisions
Article 1: [Legislative Purpose]These Regulations are drafted based on the basic principles of relevant state laws and administrative regulations and in consideration of the actual conditions of the Shenzhen Special Economic Zone [SEZ] so as to regulate the planning, construction, use, and management of public safety video image information systems in the Shenzhen SEZ; to maintain national security, public safety, and social order; to prevent, discover, and combat illegal and criminal conduct; and to protect the lawful rights and interests of natural persons, legal persons, and unincorporated organizations.
Article 2: [Scope of Application]These Regulations apply to the planning, construction, use, and management of public security video and image information systems in the Shenzhen Special Economic Zone.
Article 3: [Basic Concepts]"Public Safety Video Information Systems" (hereinafter simply "systems") as used in these Regulations refers to systems involving public security in public spaces, key units, and important facilities that employ video image surveillance and related technical equipment for the collection, transmission, display, storage, use, and management of video image information.
Article 4: [Basic Principles]The system should follow the principles of overall planning, uniform standards, resource sharing, security and controllability, and lawful use.
Article 5: 【Government Duties】The municipal and district people's governments (including district management bodies hereinafter) shall do the overall planning for system planning, construction, and resource sharing, and include this in the city plans and smart city construction systems.
Article 6: [Duties and Division of Labor] The public security organs are the regulatory department for systems, responsible for oversight and management of systems.
The departments for government data are responsible for efforts on sharing public safety video image information, and other state organs and relevant departments are to complete efforts on the construction, use, and management of systems, as well as their guidance and oversight efforts, in accordance with their duties and divisions of labor.
Under the guidance and oversight of the public security organs and industry regulatory departments, enterprises, public institutions, and social organizations are to complete efforts on the construction, use, and management of systems in accordance with law.
Article 7: [Industry Self-discipline]Security industry organizations shall promote industry self-discipline, guiding the industry to regulate business and promoting the healthy development of the industry; and are to complete efforts such as on publicizing laws, regulations, rules, and standards, as well as on training for industry personnel.
Chapter II: Planning and Construction
Article 8: [Planning]In conjunction with municipal management departments such as for reform and development, emergy response, and government data, the municipal public security organs shall compile plans for special establishment of systems as needed for public safety, emergency response management, and information collection, and plan their implementation after reporting for approval to the municipal people's government.
Video image information systems involving the collection of sensitive information such as people's images or figures, and car plates, shall be uniformly planned by the municipal public security organs.
In conjunction with relevant departments, the district public security organs shall compile plans for the construction of systems in the corresponding administrative region based on the municipal plans for system construction, and organize their implementation after reporting for approval to the people's government for that level.
The compilation and implementation of [plans] for the construction of systems shall fully utilize and integrate existing video image information system resources to avoid duplicative construction.
Article 9: [Scope of Installation and Responsible Entities] The following public spaces, key units, and important facilities that involve public safety shall construct and install systems:
(1) Airports, ports, docks, train stations, public transport stations, and other key parts of transportation hubs, highways, expressways, light rail tracks, major and minor arterial roads, bridges, and other key sections of important municipal transportation facilities; key parts of ports of entry and national (or regional) borders; venues such as public squares, tunnels, and pedestrian crossings; public transportation such as subways, light rail, passenger vehicles, passenger ships; and key parts of river or sea barriers, protected drinking water sources, and flood control and drainage facilities;
(2) Key units such as for radio, television, newspapers, telecommunications, and post; and facilities such as oil depots, gas stations, CNG stations, charging stations, water supplies, gas supplies, and power supplies; as well as nuclear energy and other large-scale power facilities;
(3) Party and government organs, key scientific research bodies, key units for the protection of cultural relics, museums, memorial halls, archives, exhibition halls, judicial and public security oversight, and other places, as well as places where important documents, test papers, and archive materials are printed and stored;
(4) Business, storage, manufacturing, and system operations such as for finance and securities, and armored transport; and storage and business locations for precious metals and gems, antiques, jadeware, and other valuables;
(5) Weapon and ammunition depots; locations for the production and storage of infectious strains, toxins, or flammable, explosive, toxic, radioactive, or chemically dangerous items' important materials stores; and locations for storage and operations in logistics and deliveries;
(6) Educational, medical, and social welfare establishments; libraries, cultural centers, sports venues, tourism destinations, convention centers, industrial parks, hotels, residential complexes (urban villages, rental housing), and other such locations;
(7) Commercial streets, business districts, shopping malls, markets, and other places for trading goods; city parks, leisure and entertainment venues, foot massage venues, theaters, Internet access service businesses, dining venues, bars, public parking lots, and other places for public activities and gathering;
(8) Other public places, key units, and important facilities that laws, regulations, rules, and the municipal government provide shall construct systems.
The owners and those with the right to use venues, units, or facilities that need to install systems are to agree on the entity responsible for system construction; where they do not have an agreement, the owners are the responsible entity; but where the State is the owner, the parties with usage rights are the responsible entity.
The venue or unit where systems are located, or the persons with the right to use facilities, are responsible for systems' management.
Article 10: [Scope of prohibitions on installation] The installation of systems is prohibited in places and areas that might reveal citizens' privacy such as hotel guest rooms, hospital patient rooms, hospital examination rooms, dormitories, public baths, restrooms, dressing rooms, rooms for nursing children.
Article 11: [Scope of restrictions on installation] Installation of systems outside of the range provided for in the first paragraph of Article 9 shall be limited to meeting personal security and protection needs.
Article 12: [Specific Requirements for Installation]Public security organs shall draft accompanying measures clarifying installation positions and specific requirements for installation.
Article 13: [Design, construction work, acceptance standards]Where construction projects for new constructions, renovations, and expansions shall establish and install systems in accordance with the first paragraph of article 9 of these Regulations, the system construction shall be designed, constructed, and put into use at the same time as construction project.
Compliance demonstration and completion acceptance of system design plans shall be organized by the constructing unit unit and shall be implemented in accordance with national standards; where there are no national standards, they shall be implemented in accordance with industry standards; and where there are no industry standards, they shall be implemented in accordance with Shenzhen local standards and relevant technical specifications.
Article 14: [Testing Requirements]Before completion is accepted for systems whose construction is provided for in items (1) - (5) of the first paragraph of article 9 of these Regulations, they shall pass testing by a testing establishment that possesses testing ability.
Article 15: [Product Standard Requirements] Where products used in systems are already listed in the national catalog of products requiring certification, they shall go through mandatory product certification; where they are not listed in the national catalog of products requiring certification, products that are mature and stable, safe and controllable shall be employed, and they shall comply with the quality standards provided by the state.
Article 16: [Units that Must Not Designate Products]State organs and relevant departments, as well as their staffs, must not designate testing bodies, contractors, or product brands and vendors for construction units and individuals installing systems.
Article 17: [Construction Capacity] Contractors are to undertake system design, construction, and maintenance in accordance with the scope of operations on the business license and shall possess the corresponding construction capacity.
Article 18: [Filing] The construction unit shall report the following materials to the public security organ for the site of the system for filing within 30 days of the system completion acceptance:
(1) Filing declaration form;
(2) System design plan, compliance demonstration report, and completion acceptance report;
(3) Mandatory product certification documents or quality control documents;
(4) The contractors' business licenses;
(5) Other materials provided for by laws and regulations.
For systems whose construction and installation is provided for by items (1) - (5) of the first paragraph of article 9 of these Regulations, the filings shall also provide reports on passing testing the meet the requirements of article 14.
For systems that were already established before these Regulations took effect, the system managers shall file with public security organs for the location of the system within 60 days of the Regulations taking effect, and the filing materials should follow the provisions of the first paragraph of this article.
Article 19: 【Movement and Removal Provisions】Where systems within the scope of construction and installation provided for in the first paragraph of article 9 of these Regulations need to be moved or removed; the party moving or removing them shall submit a plan for reconstruction after the move or removal and a plan for the transition.
Systems that are not within the scope of construction and installation provided for in the first paragraph of article 9 of these Regulations may be moved or removed but it shall be reported for recording to the public security organs for the system's location 30 days in advance.
Article 20: [Setting up Signs]Where system cameras are installed in public areas, notice signs shall be set up and shall be conspicuous.
Article 21: 【Networking Requirements】Construction units shall leave a network interface for systems to assist in carrying out efforts on shared networking.
Chapter III: Use and Management
Article 22: [Resource Sharing] The departments for the management of municipal data shall follow the principles of scientific planning, safe usage, and open sharing, and organize and carry out inter-departmental information sharing work in accordance with relevant provisions and as needed for public safety, public services, and management work.
Other state organs and relevant departments shall promote and strengthen systems' social service and open sharing in accordance with relevant information security technical provisions.
Article 23: [Security Evaluation]System managers shall conduct classified protection for information security, risk evaluation, and emergency response in accordance with relevant provisions, and strengthen information sharing and security management.
Units that provide public safety video image information resource sharing shall follow the laws, regulations, and provisions on security and confidentiality management in removing sensitive and secret video image information and ensuring the security of openly shared information; and where it is discovered that risks might exist, shall promptly address them.
Article 24: [Duties of Construction Units and Managers] Units constructing systems and managers shall perform the following duties: :
(1) Establish and complete mechanisms for operations and maintenance and for information security management, implement systems for periodic assessments of system performance and security risks; determine the persons responsible for the system, for looking after it and maintaining it, and ensure the system's security and stable operations;
(2)Conduct training on legal knowledge and job skills for the persons responsible for systems and those looking after them and maintaining them, and strengthen education on confidentiality, oversight, and management;
(3) Properly keep the completed system diagrams and related materials, and where public safety video image information is accessed, reproduced, or viewed, register the persons involved, time, purpose, and whereabouts;
(4) Where internet transmission is employed, the subject of the acquisition shall be notified and information security protection obligations are to be performed; information must not be leaked;
(5) Establish emergency response plans, appropriately handle warnings and where potential threats to national security and public safety or suspected illegal and criminal information are discovered, promptly report to the public security organs.
(6) Other duties provided by laws and regulations.
Article 25: [Duties of Involved Units]Units engaged in the design, construction, and maintenance of systems shall perform the following duties:
(1) Design, construction, and maintenance shall meet relevant standards and ensure quality, performing service commitments;
(2) Establish and complete systems for security and confidentiality, archiving and reference;
(3) Strengthen involved personnel's awareness of law and confidentiality, and their technical skills training;
(4) Other duties provided for by laws and regulations.
Article 26: [Network Security Requirements] Telecommunications businesses and internet service businesses shall cooperate with units constructing systems to implement network security systems and technical security and defense measures; strengthen security management in network transmission, increase capacity for cybersecurity and defense, and ensure the cybersecurity and information security of video transmission.
Article 27: [Periodic Testing]Systems installed by public spaces, key units, and important facilities in accordance with the first paragraph of article 9 of these Regulations shall follow the requirements of the city's security and defense system testing specifications, and district public security organs are to periodically organize testing and issue testing reports. Where they do not pass the tests, a notification to make corrections is to be issued, and the tested unit shall make corrections as required.
Article 28: [Testing Bodies] System testing bodies shall comply with laws and regulations and follow the relevant standards and technical specification requirements to objectively, equitably, and promptly issue testing reports, and are to bear responsibility for testing outcomes. A copy of the testing report is to be sent by the testing body to the public security organ for the location of the system for recording.
Article 29: [Prohibited Conduct] The following conduct must not be exhibited by any unit or individual:
(1) Obstructing or undermining the construction of systems;
(2) Undermining or modifying systems' operating procedures;
(3) Changing a system's location, purpose, or scope of use without authorization;
(4) Putting information obtained by a system on the Internet without employing security measures;
(5) Obstructing the normal operation and information collection of systems that have already been constructed;
(6) Stealing or destroying system equipment or facilities, or leaking basic system information;
(7) Other conduct impacting systems' operation and use.
Article 30: [Information Protection]The information collected by systems is protected by law, and the following conduct must not be exhibited by any unit or individual:’
(1) Buying, selling, or illegally using or transmitting information acquired by the systems;
(2) Using the information acquired to leak state secrets, commercial secrets, or personal privacy, or to infringe on the lawful rights and interests of natural persons, legal persons, or unincorporated organizations;
(3) the information acquired must not be deleted, concealed, destroyed, or damaged during the information retention period;
(4) using, reproducing, reshooting, or providing information acquired by systems without authorization;
(5) Refusing or obstructing the lawful checking or use of information acquired by the system by state organs or relevant departments;
(6) Using acquired information to illegally conduct identifications of individuals based on their image, figure, car plates, or other sensitive information;
(7) Other conduct illegally using information acquired by systems;
Article 31: [Protection of Sensitive Information] When sensitive video image information such as persons' images, figures, or car plates is used in public broadcasts, protective measures shall be employed on private information such as parties' personal characteristics and vehicle numbers to make them unidentifiable and making it so that they cannot be restored.
Article 32: [Period for Retention of Information]Information acquired by systems shall be continuously stored and its authenticity and integrity are to be guaranteed; the period for retention shall be not less than 30 days; the retention period for information acquired by systems for the prevention of terrorist attacks on key targets shall not be less than 90 days; the period for retaining system logs is not to be less than 180 days; but where laws and regulations provide otherwise, follow those provisions.
Article 33: [Access, Reproduction, and Requests to View Information] As needed for law enforcement work, public security organs and state security organs may access, request to view, and reproduce video image information without compensation.
When public safety emergencies occur, the state organs and relevant departments with the power to investigate and address the matter may access, request to view, and reproduce video image information without compensation.
Other state organs and other relevant departments may access, request to view, and reproduce system image information in the industry or region of their jurisdiction without compensation as needed for administrative law enforcement efforts; and where it is necessary to access, request to view, or reproduce system image information that is not in the industry or region of their jurisdiction, they shall get the consent of the system managers or permission of the public security organs.
Article 34: Requirements for Access, Reproduction, and Requests to View Information]When public security organs, state security organs, and other state organs and relevant departments access, request to view, or reproduce information related to the industries or regions in their jurisdiction, they shall obey the following provisions:
(1) There must be at least two staff members;
(2) Present work ID;
(3) Perform registration formalities;
(4) Obey systems for use and confidentiality of the system information;
Article 35: [Interested Parties' Right to Emergency Access] In urgent situations such as those resulting from personal or property rights suffering major injury, interested parties may access or request to view related portions of information upon the approval of the system managers, but must not reshoot or reproduce them. Where it is truly necessary in order to preserve evidence or where laws or regulations provide for the reproduction of video image information, it shall be upon the approval of the public security organs for the are in which the system is located.
The system managers shall register the length and matter for the access, requested viewing, or reproduction, as well as the identification information, and the time at which the access, requested viewing, or reproduction began.
Article 36: [Oversight Inspections]Public security organs shall strengthen oversight inspections of systems in public spaces, key units, and important facilities; and where system security threats are found, they shall promptly urge the relevant units to make corrections in a set period of time.
Oversight inspections primarily include the following matters:
(1) System installation;
(2) System recording and obtaining of testing reports;
(3) Periodic appraisals of system performance and security risks;
(4) System operation and storage of acquired information;
(5) Implementation of security measures and management systems;
(6) Other matters that laws and regulations provide require oversight inspections.
Article 37: [Awards]Where system managers provide major evidence or leads in cracking criminal matters, administrative cases, or catching persons suspected of breaking the law or crimes, the public security organs shall give commendations and awards in accordance with relevant provisions.
Chapter IV: Legal Responsibility
Article 38: [Legal Responsibility for Failure to Install Systems]Where the first paragraph of article 9 of these Regulations is violated by not installing systems where systems must be installed, the public security organs are to give warnings and order that corrections are to be made in a set period; where the corrections are refused, the unit is to be given a fine of between 10,000 and 30,000 RMB and the directly responsible management and other directly responsible persons may be given a fine of between 2,000 and 5,000 RMB; and where serious consequences are caused the unit is to be given a fine of between 30,000 and 100,000 RMB, and the directly responsible management and other directly responsible persons are to be given a fine of between 5,000 RMB and 10,000 RMB.
Article 39: [Legal Responsibility for Violations of Prohibitions on Installation and Use] In any of the following situations where these Regulations are violated, the public security organs are to give warnings and order that corrections be made in a set period of time; where corrections are refused, individuals are to be fined between 2,000 and 5,000 RMB and units are to be fined between 10,000 and 30,000 RMB; and the units' directly responsible management and other directly responsible persons may be given a fine of between 2,000 and 5,000 RMB; where there is a violation of public security administration, punishment is to be given in accordance with the PRC Law on Public Security Administration Penalties, and where a crime is suspected, it is to be transferred to the justice organs to be handled in accordance with law:
(1) Violations of article 10 of these Regulations by installing systems in venues or areas involving citizens' privacy;
(2) Violations of article 11 of these Regulations by installing systems outside the scope provided for in the first paragraph of article 9, exceeding that necessary for personal protection.
Article 40: [Legal Responsibility for Violations of Provisions on Construction] In any of the following situations where these Regulations are violated, the public security organs are to order that corrections be made in a set period of time; where corrections are refused, units are to give a fine of between 2,000 and 10,000 RMB, and the units' directly responsible management and other directly responsible persons may be given a fine of between 2,000 and 5,000 RMB; where serious consequences are caused, units are to be given a fine of between 10,000 and 30,000 RMB, and the units' directly responsible management and other directly responsible persons are to be given a fine of between 2,000 and 5,000 RMB, and an order to stop operations may be givn.
(1) Violations of article 14 of these Regulations by not testing systems as required;
(2) Violations of article 15 of these Regulations by using products that do not meet compliance requirements;
(3) Violations of the first paragraph of article 19 of these Regulations by not submitting a reconstruction and transition plan in moving or removing systems.
Article 41: [Legal Responsibility for Violating Provisions on Use]In any of the following circumstances where these Regulations are violated, the public security organs are to give warnings and order that corrections be made in a set period of time; where corrections are refused, units are to be given a fine of between 10,000 and 30,000 RMB, and the units' directly responsible management and other directly responsible persons may be given a fine of between 2,000 and 5,000 RMB:
(1) Violations of article 18 of these Regulations by not recording systems as required;
(2) Violations of the second paragraph of article 19 of these Regulations by not recording movement or removal of systems as required;
(3) Violations of article 21 of these Regulations by system construction units not cooperating with efforts for open sharing on the internet;
(4) Violations of article 24 of these Regulations by system constructing units and managers failing to perform relevant duties as reqired;
(5) Violations of article 25 of these Regulations by units involved with systems not performing relevant duties as required;
(6) Violations of article 28 of these Regulations by testing bodies not performing relevant duties as required;
(7) Violations of article 31 of these Regulations by not employing protective measures when publicly transmitting video image information such as persons' images or figures, and car plates;
(8) Violating article 32 of these Regulations by not storing information acquired by systems as required.
Article 42: [Legal Responsibility for Violating Network Security Provisions] Violations of article 26 of these Provisions by failure to cooperate with the entities responsible for constructing systems in the implementation of network security systems and technical security and defense measures; and where serious consequences are caused, the public security organs are to give units a fine of between 30,000 and 100,000 RMB; and the units directly responsible management and other directly responsible persons are to be given a fine of between 5,000 and 10,000 RMB.
Article 43: [Legal Responsibility for Violating Prohibitions] Where any of the illegal conduct provided for in article 29 of these Regulations is exhibited, the public security organs are to order that corrections be made, give individuals a fine of between 2,000 and 5,000 RMB, give units a fine of between 10,000 and 30,000 RMB, and give units directly responsible management and other directly responsible personnel a fine of between 2,000 and 5,000 RMB; where serious consequences are caused, individuals are to be given a fine of between 5,000 and 10,000 RMB;units are to be given fines of between 30,000 and 100,000 RMB, and the units directly responsible management and other directly responsible personnel are be given a fine of between 5,000 and 10,000 RMB; where there are violations of public security administration, punishment is to be given in accordance with the PRC Law on Public Security Administration Punishments; and where crimes are suspected, they are to be transferred to the justice organs to be handled in accordance with law.
Article 44: [Legal Responsibility for Violations in the Use of Information] Where there is any of the illegal conduct provided for in article 30 of these Regulations, the public security organs are to give individuals a fine of between 2,000 and 5,000 RMB, give units a fine of between 10,000 and 30,000 RMB, and may give units' directly responsible management and other directly responsible persons a fine of between 2,000 and 5,000 RMB; and where serious consequences are caused, give individuals a fine of between 5,000 and 10,000 RMB, give units a fine of between 30,000 and 100,000 RMB, and give units' directly responsible management and other directly responsible persons a fine of between 5,000 and 10,000 RMB; where there are violations of public security administration, punishment is to be given in accordance with the PRC Law on Public Security Administration Penalties; and where a crime is suspected it is to be transferred to the justice organs to be handled in accordance with law.
Article 45: [Legal Responsibility for Violations of Provisions on Emergency Access] Where article 35 of these Regulations is violated by reshooting or reproducing public safety video image information or by managers not registering relevant information; the public security organs are to give individuals fines of between 2,000 and 5,000 RMB, give units fines of between 10,000 and 30,000 RMB, and give units' directly responsible management and other directly responsible persons fines of between 2,000 and 5,000 RMB.
Article 46: [Legal Responsibility of Administrative Organs and their Staff] In any of the following circumstances, during system management work by state organs, relevant departments, and their staffs, a higher-level organ or supervision organ is to order corrections; where the circumstances are serious, the directly responsible management and other directly responsible persons are to be given sanctions in accordance with law; where crimes are suspected, they are to be transferred to the justice organs to be handled in accordance with law;
(1) Violations of article 16 of these Regulations by using authority to designate testing bodies, contractors, and product brands or vendors;
(2) Violations of article 22 of this Law by not carrying out system social service and open sharing as required;
(3) Violations of article 23 of these Regulations by not promptly handling security risks in openly sharing video information resources;
(4) Violations of articles 33 or 34 of these Regulations by not obeying provisions on system access, view requests, or reproductions;
(5) Violations of article 36 of these Regulations by not performing oversight inspection duties in accordance with law and causing serious consequences;
(6) Other situations of abusing authority, dereliction of duties, or twisting the law for personal gain.
Chapter V: Supplementary Provisions
Article 47: [Other] "Above", "below", and "within" as used in these Regulations all include that number or level.
Article 48: [Implementation Date]These Regulations are to take effect on 20XX, X, X.
English
中文(简体)
Be First to Comment