The Macao Executive Council today presented a proposed cybersecurity law aimed at preventing threats to the computer network and critical infrastructures essential to the city, such as water, electricity, the financial system and telecommunications.
The draft law, which is for debate and vote in the Legislative Assembly, establishes the cyber-security system of the Chinese special administrative region and regulates its functioning, to strengthen the cybersecurity of the main critical infrastructure operators and to ensure “major public interests as well security, and public order, “the agency said in a statement.
In addition to “clearly determining the definitions of computer networks, computer systems and computer data”, as well as “unauthorized acts” and “cybersecurity incidents”, the proposal recommends that critical infrastructure operators include services, bodies and public entities, private transport entities, telecommunications, banks and insurance, health care and water and electricity supply.
The diploma provides for the creation of the “cybersecurity main responsibility” post, which in case of cybersecurity incidents should notify the Cyber Security Incident Alert and Response Center (CARIC), composed of public entities with technical functions and coordinated by the Judiciary Police. This centre is responsible for the management and implementation of emergency response measures.
The permanent commission for cybersecurity (CPC) is a decision-making body of the Government, which is responsible for defining guidelines, general objectives and strategies for cybersecurity, according to the note. Together with cybersecurity oversight agencies, CPC and CARIC make up Macao’s cybersecurity system.
The new proposal, due to enter into force 180 days after its publication, provides for the verification and registration of the identity of users by network operators, in particular telecommunications operators.
The law provides for fines of between 50,000 and 5 million patacas (between 5,300 and 533,000 euros) for infractions, and ancillary sanctions are still applicable.
More than 80% of those who participated in the public consultation on the cybersecurity law, which took place at the end of 2017, consider the creation of a computer network security system as a matter of urgency.
“More than 87% of the opinions, both from the sectors and the public, consider that it is necessary and urgent to establish a system of protection of cybersecurity” in the territory, according to the final report published last Thursday by the Government of Macau .
The Executive Council is a body to assist the head of the Government of Macao in decision-making, with the mission of, inter alia, submitting bills to the Legislative Assembly.