Chapter III Network Operation Security
Article 24
Translation Notice
This is an unofficial English translation prepared for general informational purposes only. It does not constitute legal advice. In case of any discrepancy, the official Chinese text published by the competent authority shall prevail.
本文为非官方英文翻译,仅供一般信息参考,不构成法律意见。如与主管机关发布的中文正式文本不一致,以中文正式文本为准。
Chinese Original
第二十四条 网络产品、服务应当符合相关国家标准的强制性要求。网络产品、服务的提供者不得设置恶意程序;发现其网络产品、服务存在安全缺陷、漏洞等风险时,应当立即采取补救措施,按照规定及时告知用户并向有关主管部门报告。 网络产品、服务的提供者应当为其产品、服务持续提供安全维护;在规定或者当事人约定的期限内,不得终止提供安全维护。 网络产品、服务具有收集用户信息功能的,其提供者应当向用户明示并取得同意;涉及用户个人信息的,还应当遵守本法和有关法律、行政法规关于个人信息保护的规定。
English Translation
Network products and services shall comply with the mandatory requirements of relevant national standards. Providers of network products and services shall not install malicious programs. When providers discover security defects, vulnerabilities, or other risks in their network products or services, they shall immediately take remedial measures, promptly notify users in accordance with regulations, and report to relevant competent departments. Providers of network products and services shall continuously provide security maintenance for their products and services, and shall not terminate security maintenance within the period specified by regulations or agreed by the parties. Where network products or services have functions for collecting user information, their providers shall clearly notify users and obtain consent; where users' personal information is involved, the provisions of this Law and relevant laws and administrative regulations on personal information protection shall also be observed.
Free web reference version. Editable bilingual Word/PDF/Excel packages may be provided separately after editorial review.