This translation is by Jamie P. Horsley. It is based on but substantially revised from the English translation of the 2017 Regulations for Internet Content Management Administration Law Enforcement Procedures, available here.
Editor’s note: The translation has not been edited to conform to DigiChina style, and it deviates from house conventions in one prominent respect. DigiChina usually translates the term 网信 wǎngxìn as “cybersecurity and informatization,” treating it as a short form of 网络安全和信息化 wǎngluò ānquán hé xìnxīhuà. This translation renders it as “cyberspace,” following the official but non-literal translation used by the Cyberspace Administration of China’s Communist Party parent entity, the “Central Cyberspace Affairs Commission” (as the organization calls itself in English) or, as DigiChina has called it using a literal translation, the “Central Commission for Cybersecurity and Informatization” (中央网络安全和信息化委员会).
Chinese-language original: http://politics.people.com.cn/n1/2022/0908/c1001-32522416.html
Archived copy: https://web.archive.org/web/20220908044106/http://politics.people.com.cn/n1/2022/0908/c1001-32522416.html
Provisions on Procedures for Administrative Law Enforcement by Cyberspace Departments (Draft for Comment)
Chapter I: General Provisions
Article 1. These Provisions are formulated to standardize responsibilities of cyberspace departments and ensure that they are carried out in accordance with the law, they protect the legitimate rights and interests of citizens, legal persons, and other organizations, they uphold national security and the public interest, and they are in accordance with such laws and administrative regulations as the Administrative Punishment Law of the People’s Republic of China, the Cybersecurity Law of the People’s Republic of China, the Data Security Law of the People’s Republic of China, and the Personal Information Protection Law of the People’s Republic of China.
Article 2. When cyberspace departments carry out administrative law enforcement in accordance with the law, and impose administrative punishments for violations of the law, these Provisions shall apply.
The term “cyberspace departments” as used in these Provisions refers to the Cyberspace Administration of China and local cyberspace administrations.
Article 3. Administrative punishment implemented by cyberspace departments should follow the principles of fairness and openness, and persist in combining punishment and education; the facts shall be clear, the evidence conclusive, the basis applied correct, the procedures lawful, and the punishments appropriate; and the law enforcement documents used shall be standardized.
Article 4. Cyberspace departments shall establish an administrative law enforcement supervision system.
Higher-level cyberspace departments shall supervise lower-level cyberspace departments’ implementation of administrative law enforcement.
Article 5. Cyberspace departments should strengthen the building of law enforcement teams and law enforcement capabilities, and establish and improve the training, examination and assessment, qualification management, and employment certification systems for law enforcement personnel.
Law enforcement personnel should participate in the cyberspace departments’ organized legal and operational knowledge training, undergo administrative law enforcement qualification examination and assessment certification, and have received law enforcement credentials before engaging in law enforcement work.
Law enforcement credentials shall be uniformly made and issued jointly by the national cyberspace department, or issued by cyberspace departments of authorized provinces, autonomous regions, or directly administered municipalities.
Article 6. Cyberspace departments and their law enforcement personnel should keep confidential the state secrets, commercial secrets, and personal private information they learn in the course of law enforcement.
Article 7. Law enforcement personnel should recuse themselves under any of the following circumstances; the parties also have the right to request recusal of law enforcement personnel:
(1) If they are a party or close relative of a party in the case;
(2) If they have a direct interest in the case;
(3) If they have other relationships with the case that might influence the fairness of the law enforcement.
The responsible persons of cyberspace departments shall decide if law enforcement personnel should be recused. Prior to the recusal decision, the personnel whose recusal has been requested shall not halt their investigation of the case.
Chapter II: Jurisdiction
Article 8. Administrative punishments shall fall under the jurisdiction of the cyberspace department in the place where the violation occurs. If laws, administrative regulations, or departmental rules provide otherwise, such provisions shall be followed.
The place where the violation occurs includes the relevant location of the service license or record filing of the network operator that committed the violation, the principal place of business, place of commercial registration (if the place of commercial registration is inconsistent with principal place of business, use the principal place of business), the legal person domicile, the location of the website platform founder, manager or user, where the network was accessed, and the location of computer and other terminals and equipment.
Article 9. Cyberspace departments at the level of districted city and below shall according to their authority have jurisdiction over internet information content, cybersecurity, data security and personal information protection administrative punishment cases in the administrative area in which they are located.
Provincial, autonomous regional, and directly administered municipal cyberspace departments shall, according to their authority, have jurisdiction over major and complex internet information content, cybersecurity, data security, and personal information protection administrative punishment cases in the administrative area in which they are located.
The national cyberspace department shall, according to its authority, have jurisdiction over its own administrative punishment cases and major and complex internet information content, cybersecurity, data security, and personal information protection administrative punishment cases of national scope.
Article 10. In instances where two or more cyberspace departments have jurisdiction over the same violation of the party (parties), the first cyberspace department to file the case will have jurisdiction.
In instances where jurisdiction between two or more cyberspace departments is disputed, the matter should be resolved through consultation. If consultation fails, the matter should be reported to the higher-level cyberspace department common to both to designate jurisdiction; jurisdiction can also be directly designated by the common higher-level cyberspace department.
Article 11. When a higher-level cyberspace department deems it necessary, it may directly handle a case under the jurisdiction of a lower-level cyberspace department, and may also transfer a case under their jurisdiction to lower-level cyberspace departments’ jurisdiction. If laws, regulations, and rules clearly provide that the case should be under the jurisdiction of the higher-level cyberspace department, the higher-level cyberspace department may not hand over the case to the lower-level cyberspace department.
If a lower-level cyberspace department cannot exercise jurisdiction due to special reasons, it may report the matter to a higher-level cyberspace department to take jurisdiction or to designate jurisdiction.
Article 12. If a cyberspace department finds that a case does not belong under its jurisdiction, it should promptly transfer the case to the cyberspace department with jurisdiction.
The cyberspace department to which the case has been transferred should in a timely manner report the results of the investigation and handling of the case to the transferring cyberspace department; if the transfer is not considered to be appropriate, the matter should be reported to the higher-level cyberspace department common to both to designate jurisdiction, and may not be transferred again on one’s own accord.
Article 13. After a higher-level cyberspace department receives a jurisdictional dispute or report requesting designation of jurisdiction, it should make a decision on the designated jurisdiction within 10 working days and notify the lower-level cyberspace department in writing.
Article 14. If a cyberspace department discovers that a case belongs to the jurisdiction of another administrative organ, it should be transferred to the relevant organ in accordance with the law.
If a cyberspace department discovers violations and suspects a crime, the matter should be promptly transferred to the judicial organs. If the judicial organ decides to file a case, the cyberspace department should, within three working days from the date of receipt of the notice of filing the case by the judicial organ, transfer the case-related materials to the judicial organ and handle transfer procedures.
Cyberspace department should strengthen coordination and cooperation with judicial organs, establish and improve the case transfer system, strengthen the transfer and receipt of evidentiary materials, and improve the case handling information notification mechanism.
Article 15. Where the original licensing or approved department in accordance with law should make an administrative punishment decision such as license revocation, a cyberspace department should send evidence and relevant materials it obtained to the original licensing and approval department, which shall in accordance with law make a decision whether to revoke the license, etc.
Article 16. An administrative punishment consisting of a fine may not be imposed more than once for the same violation of law by a party. If the same violation contravenes several legal provisions, with each of them imposing afine on such act, the provision that imposes the heaviest fine shall apply.
Chapter III: Ordinary Administrative Punishment Procedures
Section 1. Filing the case
Article 17. Cyberspace departments shall promptly investigate and handle the following matters and fill in a case source registration form:
(1) Leads for the case found in the course of supervision and inspection;
(2) Complaints, appeals, and reports from natural persons, legal persons, and other organizations;
(3) Cases assigned by higher level organs or reported by lower level organs for investigation;
(4) Cases transferred from relevant organs;
(5) Cases found through other means or channels.
Article 18. Filing administrative punishments cases should meet the following conditions:
(1) There are acts suspected to violate laws, regulations, or rules;
(2) Administrative punishment shall be imposed in accordance with law;
(3) The matter falls within the department’s jurisdiction;
(4) It is within the statutory time period for the imposition of administrative penalties.
If these conditions are met, a case filing approval form should be filled out, relevant materials should be attached at the same time, and it should be reported within seven working days to the responsible person of the cyberspace department for approval to file the case, and two or more law enforcement personnel should be designated as persons undertaking the case. In special circumstances, the time for case filing may be extended to 15 working days.
If a case regarding a complaint, appeal, or report is not filed, after approval by the responsible person of the cyberspace department, the result should be notified to the named complainant, appellant, or reporting person, and a written record of the relevant circumstances for not filing the case shall be kept.
Where cases are transferred from other organs, if the decision is made not to file a case, the transferring organ should be notified in writing.
Where cases are not filed or the case filing is revoked, the persons undertaking the case should make an approval form for not filing a case or for revoking a case, and report it to responsible person of the cyberspace department for approval.
Section 2. Investigation and Evidence Collection
Article 19. Case investigation and evidence collection by cyberspace departments should be conducted by law enforcement personnel with law enforcement qualifications. The law enforcement personnel may not be less than two people, and they should proactively show their law enforcement credentials to the parties or relevant personnel. When necessary, professional personnel may be hired to assist.
The first time evidence is collected or acquired from the parties to the case, they should be informed of the right to request recusal of the law enforcement personnel.
In collecting or acquiring evidence from units and persons, they should be informed of their obligation to truthfully provide evidence. Those being investigated and other relevant persons should truthfully respond to questions as well as assist and cooperate with the investigation, and promptly provide relevant materials that should be retained in accordance with law such as network operator released information, user released information, and daily logs, and may not obstruct or interfere with the case investigation.
Article 20. Cyberspace departments that, in the course of the law enforcement, require assistance in investigating or evidence collection from another region’s cyberspace department should issue a letter of investigation entrustment. The entrusted cyberspace department should actively provide assistance and complete the relevant work within 15 working days from the date it received the letter of entrustment. If it is necessary to extend the period for completion or the department cannot assist, it should promptly notify the entrusting cyberspace department in writing.
Article 21. Law enforcement personnel should collect in accordance with the law evidence relating to the case, including documentary evidence, physical evidence, audio-visual materials, electronic data, witness testimony, statements of the parties, expert opinions, inquiry transcripts and on-site disposition transcripts.
Electronic data refers to data that was formed during the course of the events related to the case and includes data that is stored, handled, or transmitted in digital form, and is able to prove the facts of the case, including but not limited to web pages, blogs, microblogs, instant messaging tools, forums, stickers, webs, email, network background, and other means of carrying electronic information or documents. Electronic data is mainly found in computer equipment, mobile communication equipment, Internet servers, mobile storage equipment, cloud storage systems, and other electronic equipment or storage media.
Audiovisual materials include recording materials and video materials.
Audio recordings or video materials stored in electronic media fall under the provisions for electronic evidence.
Article 22. Evidentiary materials obtained in accordance with the law in the course of investigation or supervision and inspection before filing a case may be used as evidence in the case.
For a transferred case, the evidentiary materials collected through investigation by the transferring organ within its authority may be used as evidence of the case.
Evidence should comply with the provisions of laws, regulations, and rules on evidence, and only after verification can it be used as the basis for determining the facts of the case. Evidence obtained by illegal means may not be used as the basis for determining the facts of a case.
Article 23. Before filing a case, cyberspace departments may take measures such as questioning, inquiries, inspection, appraisal, and collecting evidence, but may not restrict the personal or property rights of the subject of the preliminary investigation.
After the case is filed, cyberspace departments may take measures to register and retain goods, facilities, and places in advance.
Article 24. When cyberspace departments question parties or relevant personnel, they should make a transcript of questioning, and indicate the time, place, relevant facts, events and other content. The transcript of questioning should be given to the object of questioning or relevant personnel for verification and confirmation.
Article 25. Cyberspace departments shall conduct inquiries and inspection of places, goods, and networks involved in cyber violations, and promptly collect and fix documentary evidence, physical evidence, audio-visual materials, and electronic data.
Article 26. Cyberspace departments may entrust judicial appraisal institutions to issue appraisal opinions on specialized issues in the case; for issues that do not fall within the scope of judicial appraisal, they may entrust a competent or qualified institution to issue a test report or inspection report.
Article 27. Cyberspace departments may obtain evidentiary materials from relevant units and individuals that can prove the facts of the case, and may take pictures, make video recordings, photocopy and copy as necessary.
Documentary and physical evidence should be obtained from the original copy or article. If the original copy or article is difficult to obtain, the relevant units or individuals that provide the evidence may affix their signature or official seal to duplicates, marked with the words, “This item is provided by × × × and is verified to be no different from the original copy (article)” or text to this effect, and mark the date and the source of the evidence, and affix the signature or seal.
Audio-visual materials and electronic data obtained should be from the original medium or backup media. If it is difficult to obtain evidence from the original medium or backup media, it is permitted to collect copies and clearly mark the collection method, time, and persons, etc. Audio materials should be accompanied by a written record of the audio content.
Article 28. Where the evidence may be lost or might be difficult to obtain after-the-fact, on the approval of cyberspace departments, law enforcement personnel may, in accordance with the law, register and preserve in advance computers, servers, hard disks, mobile storage devices, memory cards, and other goods suspected to be involved with illegal activity, and make a list of goods being registered and preserved and issue a notice of goods registered and preserved to the parties. During the advance registration and preservation period, the parties and relevant persons may not damage, destroy, or transfer the evidence.
When cyberspace departments implement advance registration and preservation, they should notify the parties or those holding the goods to be present, and record on the spot the relevant measures taken.
Article 29. Cyberspace departments should, within seven working days, make the following decisions on advance evidence registration and preservation:
(1) Where evidence preservation measures need to be taken, the evidence shall be returned after taking recording, copying, photographic, video and other evidence preservation measures;
(2) Where inspection, testing or appraisal is required, the evidence shall be sent to an institution with corresponding qualifications for inspection, testing and appraisal;
(3) Where the facts of the violation are established and the evidence should be confiscated in accordance with the law, an administrative punishment decision shall be made in accordance with statutory procedures, and the illegal items shall be confiscated;
(4) If the facts of a violation are not established, or they are established but confiscation should not be conducted in accordance with the law, the advance registration and preservation shall be cancelled.
If no decision is made within the time limit, the advance registration and preservation should be cancelled.
Article 30. In order to collect and preserve electronic data, cyberspace departments may take measures such as on-site evidence collection and remote evidence collection, and order relevant units and individuals to fix and submit evidence.
After on-site and remote evidence collection are completed, an electronic evidence collection record should be made.
Article 31. Law enforcement personnel shall, during the investigation and evidence collection, require the parties to sign, leave a fingerprint, affix a seal or otherwise confirm records or other materials. If a party refuses to appear or refuses to sign, inscribe, seal, or otherwise confirm, or if the party cannot be found, the reason shall be marked by two law enforcement officers on the record or other materials, and relevant persons invited to sign as a witness or cover seal; it is also allowed to take recording, video, etc., as a record.
Article 32. Cyberspace departments handling personal information protection cases may utilize administrative compulsory measures such as sealing and seizure. To take or lift sealing or seizure measures, a written report should be made to the principal responsible person of the cyberspace department and approval shall be obtained.
If the situation is urgent and it is necessary to take sealing or seizure measures on the spot, law enforcement personnel should report to the principal responsible person of the cyberspace department within 24 hours, and go through makeup approval procedures. If the principal responsible person of the cyberspace department believes that sealing up or seizure measures should not have been taken, they should be lifted immediately.
Article 33. After the case investigation is closed, the person responsible for handling the case should write a case handling opinions report:
If a violation is considered to have been established and should be subject to administrative punishment, they should write a case handling opinion report and draft a recommendation of the proposed administrative punishment.
In any of the following situations, they should write a case handling opinion report explaining the reasons for the proposed handling, report to the responsible person of the cyberspace department for approval, and handle the matter according to the different circumstances:
(1) Facts of a violation have not been established, in which case administrative punishment should not be imposed;
(2) The circumstances of the violation were minor and were promptly rectified, without causing negative consequences, in which case administrative punishment shall not be imposed;
(3) It is a first-time violation of the law and the harmful consequences were minor and promptly rectified, in which case administrative punishment shall not be imposed;
(4) The parties have sufficient evidence to prove there was no subjective fault, in which case administrative punishment shall not be imposed. If laws and administrative regulations provide otherwise, such provisions shall be followed;
(5) The case is not under the jurisdiction of that organ and should be transferred to the jurisdiction of other administrative organs;
(6) A crime is suspected, and the case should be transferred to the judicial organs.
Article 34. While cyberspace departments are conducting a case investigation, if the facts already proving a violation have been established, they should order rectification or rectification within a time period of the violation.
Section 3. Hearings and Interviews
Article 35. Before making the following administrative punishment decisions, the cyberspace department should inform the parties that they have the right to request a hearing. If a party requests a hearing, it should submit it within five working days after being informed, and the cyberspace department should organize a hearing. A party shall be deemed to have waived the right if it fails to request a hearing within the time period:
(1) To impose a relatively large fine;
(2) To confiscate a relatively large amount of illegal gains or confiscate illegal property of relatively large value;
(3) To lower qualification levels or revoke licenses;
(4) To order suspension of production and business, order to close down, or order restrictions on employment;
(5) Other relatively major administrative punishments;
(6) Other circumstances prescribed by laws, regulations and rules.
Article 36. The cyberspace department should, within seven working days before the hearing, serve a notice of hearing to inform the parties and relevant personnel of the time and place of holding the hearing.
The hearing should produce a hearing record, and give it to the parties or their representatives to sign or affix a seal after parties it has been checked for correctness. If the parties or their representatives refuse to sign or affix a seal, the chairperson of the hearing shall so note on the record.
Hearings will be held in public unless they involve state secrets, business secrets, or personal privacy that shall be kept confidential in accordance with the law.
After the hearing is over, the cyberspace department shall make a decision based on the hearing record and in accordance with the stipulations of Article 41 of these Provisions.
Article 37. Before a cyberspace department makes an administrative punishment decision concerning a party, it may in accordance with relevant provisions conduct an interview, and make a transcript of the law enforcement interview after the conversation.
Section 4. Administrative Punishment Decision, Serving Notice
Article 38. Before making an administrative punishment decision, cyberspace departments should fill out a notice of administrative punishment opinion, informing the parties of the content and the facts, reasons and basis, as well as the rights of the parties in accordance with law such as to make a statement and defense.
Article 39. The parties have the right to make statements and a defense. Cyberspace departments should fully consider the opinions of the parties and should review the facts, reasons and evidence submitted by the parties; if the facts, reasons or evidence submitted by the parties are found to have merit, the cyberspace departments should adopt them. If a party fails to make a statement or defense within three working days from the date of receipt of the notice, the party shall be deemed to have waived their right.
Cyberspace departments may not increase the severity of the punishment because of a party’s statement or defense.
Cyberspace departments and their law enforcement personnel that before making an administrative punishment decision fail to, in accordance with these Provisions, inform the parties of the content, as well as the facts, reasons, and basis for, an intended administrative punishment or refuse to consider the statements and defenses of the parties may not make the administrative punishment decision; unless the parties expressly waive the right to make a statement or defense.
Article 40. Under any one of the following circumstances, before the responsible person of the cyberspace department makes an administrative punishment decision, a person responsible for conducting legal reviews of administrative punishment decisions should carry out a legal review; no decision may be made without undergoing and passing a legal review:
1. A major public interest is involved;
2. The case is directly related to the major rights and interests of a party or a third personand has undergone a hearing procedure;
3. The case is difficult and complicated and involves multiple legal relationships; or
4. Other circumstances under which legal review should be conducted as prescribed in laws or administrative regulations.
Legal review shall be carried out by the office specified by the cyberspace departments to be responsible for legal review. The personnel of the cyberspace department conducting legal review of an administrative punishment decision for the first time should have passed the National UnifiedLegal Professional Qualification Examination and obtained the legal professional qualification.
Article 41. The proposed administrative punishment decision should be reported to the responsible person of the cyberspace department. The responsible person of the cyberspace department shall, based on different circumstances, respectively make the following decisions:
(1) If there is a violation that truly should receive an administrative punishment, the administrative punishment decision shall be made based on the seriousness and specific circumstances of the case;
(2) If the violation is minor and the administrative punishment may in accordance with law be not imposed, administrative punishment shall not be imposed;
(3) If the facts of a violation cannot be established, administrative punishment shall not be imposed;
(4) If a crime is suspected, the case should be transferred to the judicial organs.
Article 42. In cases of complex or major violations, the responsible persons of the cyberspace departments should collectively discuss and decision the matter. The process of collective discussion and decision should be documented.
Article 43. When cyberspace departments make administrative punishment decisions, they should make uniformly numbered administrative punishment decision documents.
Administrative punishment decision documents should set forth the following matters:
(1) The name of the party, address, and other basic information;
(2) The facts and evidence of violation of laws, regulations, or rules;
(3) The type and basis of the administrative punishment;
(4) The manner and time period for the execution of administrative punishments;
(5) The channels and time period to request administrative reconsideration and administrative litigation;
(6) The name of the cyberspace department making the administrative punishment decision and the date of the decision.
It the administrative punishment decision involves the confiscation of relevant articles, a certificate of confiscated articles should also be attached.
The administrative punishment decision document must be stamped with the seal of the cyberspace department making the administrative punishment decision.
Article 44. Administrative punishment cases handled by the cyberspace departments using ordinary procedures should make an administrative punishment decision within 90 days from the date of filing the case. If a decision cannot be made within the prescribed time period due to the complexity of the case or other reasons, it can be extended for 60 days with the approval of the responsible person of the cyberspace department. If the case is particularly complicated or there are other special circumstances, and a decision still cannot be made after an extension, the responsible person of the cyberspace department should collectively discuss and decide whether to continue the extension. If it is decided to continue the extension, a reasonable period of extension should be determined at the same time.
During the case handling process, the time for hearing, testing, inspection, appraisal, administrative assistance, etc., shall not be calculated in the time periods specified in the preceding paragraph.
Article 45. The administrative punishment decision should be delivered to the parties on the spot after the announcement; if the parties are not present, the administrative punishment decision should be served to the parties within seven working days in accordance with the relevant provisions of the Civil Procedure Law of the People’s Republic of China.
If the parties agree and sign a confirmation, the cyberspace department may use fax, e-mail, etc. to deliver the administrative punishment decision to the parties.
Chapter IV: Implementation and Closing the Case
Article 46. After the administrative punishment decision is served, the parties should carry it out within the time period designated by the administrative punishment decision document.
If the parties truly have financial difficulties, they may submit an application for extension or installments to pay fines and submit written materials. After verification of the case, the persons undertaking the case may designate the time for extension or installment amounts for paying the fine and, after reporting to the responsible person of the cyberspace department for approval, the parties may postpone or pay the fine in instalments.
Article 47. If a network operator violates relevant laws, regulations and rules requiring the department in charge of telecommunications to close the website, revoke the internet information service value-added telecommunictions operating license or cancel the record filing, the matter shall be transferred to the department in charge of telecommunications for handling.
Article 48. If parties are dissatisfied with an administrative punishment, they have the right to request administrative reconsideration or file an administrative lawsuit according to law.
If a party is dissatisfied with the administrative punishment decision, and requests administrative reconsideration or files an administrative lawsuit, the administrative punishment shall not stop being executed, unless otherwise provided by law.
If a party requests administrative reconsideration or files an administrative lawsuit, the amount of the additional fine shall not be calculated during the period of administrative reconsideration or administrative litigation.
Article 49. If s party fails to perform the administrative punishment decision within the time period, the cyberspace department that made the administrative punishment decision may take the following measures:
(1) If the fine is not paid by the due date, impose an additional fine at the rate of 3% of the fine amount per day, but the amount of the additional fine shall not exceed the amount of the fine;
(2) Apply to the people's court for compulsory execution in accordance with the Administrative Compulsion Law of the People's Republic of China.
If the cyberspace department approves the extension or instalment payment of the fine, the time period for applying to the people's court for compulsory enforcement shall be calculated from the end of the time period for the suspension or instalment payment of the fine.
Before a cyberspace department applies to the people’s court for compulsory enforcement, it should prepare a written reminder concerning implementation of the administrative punishment decision, to remind parties in writing of their obligations, and inform them of the time period, method, and rights to make a statement and defense in accordance with the law regarding their obligations, and for those involving a fine, the document should clearly set out the amount owed and payment method.
If the parties make statements and provide a defense, the cyberspace department should record and review the facts, reasons, and evidence presented by the parties, and prepare a record of the statement and defense and a written statement of opinion of the review. If the facts, reasons or evidence put forward by the parties are established, the cyberspace department should adopt them.
If the parties have still not yet complied with the administrative punishment more than ten working days after the written reminder to fulfill the administrative punishment decision has been delivered, the cyberspace department may request the people’s court for enforcement, and fill out an administrative punishment enforcement request.
Article 50. After the administrative punishment decision is fulfilled or enforced, if a case applying the ordinary procedure falls under any of the following circumstances, the law enforcement personnel should fill in a report on the closure of administrative punishment, arrange and order the materials of the case, and archive them.
(1) The administrative punishment decision has been fulfilled or the enforcement has been completed;
(2) The people's court has ruled to terminate the enforcement;
(3) The investigation of the case is terminated;
(4) A decision is made pursuant to Article 41 (2)-(4) of these Provisions;
(5) Other circumstances under which the case should be closed.
After the case is closed, the law enforcement personnel shall archive the case materials in accordance with the relevant provisions on archives management. The archiving of case files should be one case per file, with complete materials, standardized, and orderly.
Article 51. Cyberspace departments should, in accordance with the law, record the entire process of initiation, investigation, and evidence collection, review, decision, delivery, and enforcement of administrative punishment, in the form of text, audio and video, and archive it for preservation.
Article 52. The cyberspace department should establish and improve the supervision system for administrative punishment, and the implementation of administrative punishment should be subject to social supervision. Citizens, legal persons, or other organizations have the right to appeal or report against cyberspace departments concerning their administrative punishment actions; cyberspace departments should conduct serious reviews and proactively correct errors when they are found.
Chapter V: Supplementary Provisions
Article 53. The time periods in these Provisions are calculated in hours and days, excluding the hours and days when they begin. If the expiration date of a time period is a statutory holiday, the first day after the statutory holiday shall be the expiration date, except as otherwise provided by laws and regulations.
Article 54. The terms “above,” “below,” and “within” shall include the number.
Article 55. The national cyberspace department shall be responsible for formulating all document format templates applicable to administrative law enforcement. The cyberspace departments of provinces, autonomous regions and directly-administered municipalities may reference the document format templates, to formulate document formats applicable to administrative punishments in their own administrative region and print them on their own.
Article 55. These Provisions shall enter into force as of [day, month and year]. The Provisions on Administrative Law Enforcement Procedures for Internet Information Content Management (Order No. 2 of the Cyberspace Administration of China) promulgated on May 2, 2017, shall be repealed at the same time.
Chinese-language original
国家互联网信息办公室关于《网信部门行政执法程序规定(征求意见稿)》公开征求意见的通知
为了规范和保障网信部门依法履行职责,保护公民、法人和其他组织的合法权益,维护国家安全和公共利益,我办对《互联网信息内容管理行政执法程序规定》进行修订,形成了《网信部门行政执法程序规定(征求意见稿)》,现向社会公开征求意见。公众可通过以下途径和方式提出反馈意见:
1.登录中华人民共和国司法部 中国政府法制信息网(www.moj.gov.cn、www.chinalaw.gov.cn),进入首页主菜单的“立法意见征集”栏目提出意见。
2.通过电子邮件将意见发送至:zfjd@cac.gov.cn。
3.通过信函将意见寄至:北京市西城区车公庄大街11号国家互联网信息办公室网络执法与监督局,邮编:100044,并请在信封上注明“网信部门行政执法程序规定征求意见”字样。
意见反馈截止日期为2022年10月8日。
国家互联网信息办公室
2022年9月8日
网信部门行政执法程序规定
(征求意见稿)
第一章 总则
第一条为了规范和保障网信部门依法履行职责,保护公民、法人和其他组织的合法权益,维护国家安全和公共利益,根据《中华人民共和国行政处罚法》、《中华人民共和国网络安全法》、《中华人民共和国数据安全法》、《中华人民共和国个人信息保护法》等法律、行政法规,制定本规定。
第二条网信部门依法实施行政执法,对违法行为实施行政处罚,适用本规定。
本规定所称网信部门,是指国家互联网信息办公室和地方互联网信息办公室。
第三条网信部门实施行政处罚,应当遵循公正、公开的原则,坚持处罚与教育相结合,做到事实清楚、证据确凿、适用依据准确、程序合法、处罚适当、执法文书使用规范。
第四条网信部门建立行政执法监督制度。
上级网信部门对下级网信部门实施的行政执法进行监督。
第五条网信部门应当加强执法队伍和执法能力建设,建立健全执法人员培训、考试考核、资格管理和持证上岗制度。
执法人员应当参加网信部门组织的法律知识和业务知识培训,并经行政执法资格考试或者考核合格,取得执法证后方可从事执法工作。
执法证由国家网信部门统一制作、核发或者授权省、自治区、直辖市网信部门核发。
第六条网信部门及其执法人员对在执法过程中知悉的国家秘密、商业秘密或者个人隐私,应当依法予以保密。
第七条执法人员有下列情形之一的,应当自行回避;当事人也有权申请执法人员回避:
(一)是本案的当事人或者当事人的近亲属;
(二)与本案有直接利害关系;
(三)与本案有其他关系,可能影响公正执法的。
执法人员的回避由网信部门负责人决定。回避决定作出之前,被申请回避人员不停止对案件的调查。
第二章 管辖和适用
第八条行政处罚由违法行为发生地的网信部门管辖。法律、行政法规、部门规章另有规定的,从其规定。
违法行为发生地包括实施违法行为的网络运营者相关服务许可地或者备案地,主营业地、工商登记地(工商登记地与主营业地不一致的,应当按照主营业地),法人住所地,网站平台建立者、管理者、使用者所在地,网络接入地,计算机等终端设备所在地等。
第九条设区的市级以下网信部门依职权管辖本行政区域内的网络信息内容、网络安全、数据安全、个人信息保护等行政处罚案件。
省、自治区、直辖市网信部门依职权管辖本行政区域内重大、复杂的网络信息内容、网络安全、数据安全、个人信息保护等行政处罚案件。
国家网信部门依职权管辖应当由本部门实施行政处罚的案件及全国范围内重大、复杂的网络信息内容、网络安全、数据安全、个人信息保护等行政处罚案件。
第十条对当事人的同一违法行为,两个以上网信部门都有管辖权的,由最先立案的网信部门管辖。
两个以上网信部门对管辖权有争议的,应当协商解决,协商不成的,报请共同的上一级网信部门指定管辖;也可以直接由共同的上一级网信部门指定管辖。
第十一条上级网信部门认为必要时,可以直接办理下级网信部门管辖的案件,也可以将自己管辖的案件交由下级网信部门办理。法律、法规、规章明确规定案件应当由上级网信部门管辖的,上级网信部门不得将案件交由下级网信部门管辖。
下级网信部门对其管辖的案件由于特殊原因不能行使管辖权的,可以报请上级网信部门管辖或者指定管辖。
第十二条网信部门发现案件不属于其管辖的,应当及时移送有管辖权的网信部门。
受移送的网信部门应当将案件查处结果及时函告移送案件的网信部门;认为移送不当的,应当报请共同的上一级网信部门指定管辖,不得再次自行移送。
第十三条上级网信部门接到管辖争议或者报请指定管辖请示后,应当在十个工作日内作出指定管辖的决定,并书面通知下级网信部门。
第十四条网信部门发现案件属于其他行政机关管辖的,应当依法移送有关行政机关。
网信部门发现违法行为涉嫌犯罪的,应当及时将案件移送司法机关。司法机关决定立案的,网信部门应当自接到司法机关立案通知书之日起三个工作日内将与案件有关的材料移交司法机关,并办结交接手续。
网信部门应当与司法机关加强协调配合,建立健全案件移送制度,加强证据材料移交、接收衔接,完善案件处理信息通报机制。
第十五条网信部门对依法应当由原许可、批准的部门作出吊销许可证件等行政处罚决定的,应当将取得的证据及相关材料送原许可、批准的部门,由其依法作出是否吊销许可证件等决定。
第十六条对当事人的同一个违法行为,不得给予两次以上罚款的行政处罚。同一个违法行为违反多个法律规范应当给予罚款处罚的,按照罚款数额高的规定处罚。
第三章 行政处罚的普通程序
第一节 立案
第十七条网信部门应当对下列事项及时调查处理,并填写案件来源登记表:
(一)在监督检查中发现案件线索的;
(二)自然人、法人或者其他组织投诉、申诉、举报的;
(三)上级交办或者下级报请查处的;
(四)有关机关移送的;
(五)经由其他方式、途径发现的。
第十八条行政处罚立案应当符合下列条件:
(一)有涉嫌违反法律、法规和规章的行为;
(二)依法应当予以行政处罚;
(三)属于本部门管辖;
(四)在给予行政处罚的法定期限内。
符合立案条件的,应当填写立案审批表,同时附上相关材料,在七个工作日内报网信部门负责人批准立案,并指定两名以上执法人员为案件承办人。特殊情况下,可以延长至十五个工作日内立案。
对于不予立案的投诉、申诉、举报,经网信部门负责人批准后,应当将结果告知具名的投诉人、申诉人、举报人,并将不予立案的相关情况作书面记录留存。
对于其他机关移送的案件,决定不予立案的,应当书面告知移送机关。
不予立案或者撤销立案的,承办人应当制作不予立案审批表或者撤销立案审批表,报网信部门负责人批准。
第二节 调查取证
第十九条网信部门进行案件调查取证时,应当由具有行政执法资格的执法人员实施。执法人员不得少于两人,并应当主动向当事人或者有关人员出示执法证件。必要时,也可以聘请专业人员进行协助。
首次向案件当事人收集、调取证据的,应当告知其有申请执法人员回避的权利。
向有关单位、个人收集、调取证据时,应当告知其有如实提供证据的义务。被调查对象或者有关人员应当如实回答询问并协助、配合调查,及时提供依法应当保存的网络运营者发布的信息、用户发布的信息、日志信息等相关材料,不得阻挠、干扰案件的调查。
第二十条网信部门在执法过程中需要其他地区网信部门协助调查、取证的,应当出具委托调查函。受委托的网信部门应当积极予以协助,在接到委托调查函之日起十五个工作日内完成相关工作;需要延期完成或者无法协助的,应当及时函告委托的网信部门。
第二十一条执法人员应当依法收集与案件有关的证据,包括书证、物证、视听资料、电子数据、证人证言、当事人的陈述、鉴定意见、勘验笔录、现场笔录。
电子数据是指案件发生过程中形成的,以数字化形式存储、处理、传输的,能够证明案件事实的数据,包括但不限于网页、博客、微博客、即时通信工具、论坛、贴吧、网盘、电子邮件、网络后台等方式承载的电子信息或者文件。电子数据主要存在于计算机设备、移动通信设备、互联网服务器、移动存储设备、云存储系统等电子设备或者存储介质中。
视听资料包括录音资料和影像资料。
存储在电子介质中的录音资料和影像资料,适用电子数据的规定。
第二十二条立案前调查或者监督检查过程中依法取得的证据材料,可以作为案件的证据使用。
对于移送的案件,移送机关依职权调查收集的证据材料,可以作为案件的证据使用。
证据应当符合法律、法规、规章关于证据的规定,并经查证属实,方可作为认定案件事实的根据。以非法手段取得的证据,不得作为认定案件事实的根据。
第二十三条网信部门在立案前,可以采取询问、勘验、检查、鉴定、调取证据材料等措施,不得限制初查对象的人身、财产权利。
网信部门在立案后,可以对物品、设施、场所采取先行登记保存等措施。
第二十四条网信部门在执法过程中询问当事人或者有关人员,应当制作询问笔录,载明时间、地点、有关事实、经过等内容。询问笔录应当交询问对象或者有关人员核对并确认。
第二十五条网信部门对于涉及网络违法的场所、物品、网络应当进行勘验、检查,及时收集、固定书证、物证、视听资料和电子数据。
第二十六条网信部门可以委托司法鉴定机构就案件中的专门性问题出具鉴定意见;不属于司法鉴定范围的,可以委托有能力或者有条件的机构出具检测报告或者检验报告。
第二十七条网信部门可以向有关单位、个人调取能够证明案件事实的证据材料,并且可以根据需要拍照、录像、复印和复制。
调取的书证、物证应当是原件、原物。调取原件、原物确有困难的,可以由提交证据的有关单位、个人在复制品上签字或者盖章,注明“此件由×××提供,经核对与原件(物)无异”的字样或者文字说明,并注明出证日期、证据出处,并签名或者盖章。
调取的视听资料、电子数据应当是原始载体或者备份介质。调取原始载体或者备份介质确有困难的,可以收集复制件,并注明制作方法、制作时间、制作人等情况。调取声音资料的应当附有该声音内容的文字记录。
第二十八条在证据可能灭失或者以后难以取得的情况下,经网信部门负责人批准,执法人员可以依法对涉案计算机、服务器、硬盘、移动存储设备、存储卡等涉嫌实施违法行为的物品先行登记保存,制作登记保存物品清单,向当事人出具登记保存物品通知书。先行登记保存期间,当事人或者有关人员不得损毁、销毁或者转移证据。
网信部门实施先行登记保存时,应当通知当事人或者持有人到场,并在现场笔录中对采取的相关措施情况予以记载。
第二十九条网信部门对先行登记保存的证据,应当在七个工作日内作出以下处理决定:
(一)需要采取证据保全措施的,采取记录、复制、拍照、录像等证据保全措施后予以返还;
(二)需要检验、检测、鉴定的,送交具有相应资质的机构检验、检测、鉴定;
(三)违法事实成立,依法应当予以没收的,依照法定程序作出行政处罚决定,没收违法物品;
(四)违法事实不成立,或者违法事实成立但依法不应当予以没收的,解除先行登记保存。
逾期未作出处理决定的,应当解除先行登记保存。
第三十条为了收集、保全电子数据,网信部门可以采取现场取证、远程取证,责令有关单位、个人固定和提交等措施。
现场取证、远程取证结束后应当制作电子取证工作记录。
第三十一条执法人员在调查取证过程中,应当要求当事人在笔录或者其他材料上签字、捺指印、盖章或者以其他方式确认。当事人拒绝到场,拒绝签字、捺指印、盖章或者以其他方式确认,或者无法找到当事人的,应当由两名执法人员在笔录或者其他材料上注明原因,并邀请有关人员作为见证人签字或者盖章,也可以采取录音、录像等方式记录。
第三十二条网信部门办理个人信息保护案件可以采取查封、扣押等行政强制措施。采取或者解除查封、扣押措施,应当向网信部门主要负责人书面报告并经批准。
情况紧急,需要当场采取查封、扣押措施的,执法人员应当在二十四小时内向网信部门主要负责人报告,并补办批准手续。网信部门主要负责人认为不应当采取查封、扣押措施的,应当立即解除。
第三十三条案件调查终结后,承办人应当撰写案件处理意见报告。
认为违法事实成立,应当予以行政处罚的,撰写案件处理意见报告,草拟行政处罚建议书。
有下列情形之一的,撰写案件处理意见报告,说明拟作处理的理由,报网信部门负责人批准后根据不同情况分别处理:
(一)认为违法事实不能成立,不予行政处罚的;
(二)违法行为情节轻微并及时改正,没有造成危害后果,不予行政处罚的;
(三)初次违法且危害后果轻微并及时改正,可以不予行政处罚的;
(四)当事人有证据足以证明没有主观过错的,不予行政处罚的。法律、行政法规另有规定的,从其规定;
(五)案件不属于本部门管辖,应当移送其他行政机关管辖的;
(六)涉嫌犯罪,应当移送司法机关的。
第三十四条网信部门进行案件调查时,对已有证据证明违法事实成立的,应当责令当事人改正或者限期改正违法行为。
第三节 听证、约谈
第三十五条网信部门作出下列行政处罚决定之前,应当告知当事人有要求举行听证的权利。当事人要求听证的,应当在被告知后五个工作日内提出,网信部门应当组织听证。当事人逾期未要求听证的,视为放弃权利。
(一)较大数额罚款;
(二)没收较大数额违法所得、没收较大价值非法财物;
(三)降低资质等级、吊销许可证件;
(四)责令停产停业、责令关闭、限制从业;
(五)其他较重的行政处罚;
(六)法律、法规、规章规定的其他情形。
第三十六条网信部门应当在听证的七个工作日前,将听证通知书送达当事人,告知当事人及有关人员举行听证的时间、地点。
听证应当制作听证笔录,交当事人或者其代理人核对无误后签字或者盖章。当事人或者其代理人拒绝签字或者盖章的,由听证主持人在笔录中注明。
除涉及国家秘密、商业秘密或者个人隐私依法予以保密外,听证公开举行。
听证结束后,网信部门应当根据听证笔录,依照本规定第四十一条的规定,作出决定。
第三十七条网信部门对当事人作出行政处罚决定前,可以根据有关规定对其实施约谈,谈话结束后制作执法约谈笔录。
第四节 行政处罚决定、送达
第三十八条网信部门作出行政处罚决定之前,应当填写行政处罚意见告知书,告知当事人拟作出的行政处罚内容及事实、理由、依据,并告知当事人依法享有的陈述、申辩等权利。
第三十九条当事人有权进行陈述和申辩。网信部门应当充分听取当事人的意见,对当事人提出的事实、理由和证据,应当进行复核;当事人提出的事实、理由或者证据成立的,网信部门应当采纳。当事人在接到告知书之日起三个工作日内未提出陈述、申辩的,视为放弃权利。
网信部门不得因当事人陈述、申辩而给予更重的处罚。
网信部门及其执法人员在作出行政处罚决定之前,未依照本规定向当事人告知拟作出的行政处罚内容及事实、理由、依据,或者拒绝听取当事人的陈述、申辩,不得作出行政处罚决定;当事人明确放弃陈述或者申辩权利的除外。
第四十条有下列情形之一,在网信部门负责人作出行政处罚的决定之前,应当由从事行政处罚决定法制审核的人员进行法制审核;未经法制审核或者审核未通过的,不得作出决定:
(一)涉及重大公共利益;
(二)直接关系当事人或者第三人重大权益,经过听证程序的;
(三)案件情况疑难复杂、涉及多个法律关系的;
(四)法律、法规规定应当进行法制审核的其他情形。
法制审核由网信部门明确的负责法制审核的机构实施。网信部门中初次从事行政处罚决定法制审核的人员,应当通过国家统一法律职业资格考试取得法律职业资格。
第四十一条拟作出的行政处罚决定应当报网信部门负责人审查。网信部门负责人根据不同情况,分别作出如下决定:
(一)确有应受行政处罚的违法行为的,根据情节轻重及具体情况,作出行政处罚决定;
(二)违法行为轻微,依法可以不予行政处罚的,不予行政处罚;
(三)违法事实不能成立的,不予行政处罚;
(四)违法行为涉嫌犯罪的,移送司法机关。
第四十二条对情节复杂或者重大违法行为给予行政处罚,网信部门负责人应当集体讨论决定。集体讨论决定的过程应当有书面记录。
第四十三条网信部门作出行政处罚决定,应当制作统一编号的行政处罚决定书。
行政处罚决定书应当载明下列事项:
(一)当事人的姓名或者名称、地址等基本情况;
(二)违反法律、法规、规章的事实和证据;
(三)行政处罚的种类和依据;
(四)行政处罚的履行方式和期限;
(五)申请行政复议、提起行政诉讼的途径和期限;
(六)作出行政处罚决定的网信部门名称和作出决定的日期。
行政处罚决定中涉及没收有关物品的,还应当附没收物品凭证。
行政处罚决定书必须盖有作出行政处罚决定的网信部门的印章。
第四十四条网信部门适用普通程序办理的行政处罚案件应当自立案之日起九十日内作出行政处罚决定。因案情复杂或者其他原因,不能在规定期限内作出处理决定的,经网信部门负责人批准,可以延长六十日。案情特别复杂或者有其他特殊情况,经延期仍不能作出处理决定的,应当由网信部门负责人集体讨论决定是否继续延期,决定继续延期的,应当同时确定延长的合理期限。
案件处理过程中,听证、检测、检验、鉴定、行政协助等时间不计入前款规定的期限。
第四十五条行政处罚决定书应当在宣告后当场交付当事人;当事人不在场的,应当在七个工作日内依照《中华人民共和国民事诉讼法》的有关规定,将行政处罚决定书送达当事人。
当事人同意并签订确认书的,网信部门可以采用传真、电子邮件等方式,将行政处罚决定书等送达当事人。
第四章 执行与结案
第四十六条行政处罚决定书送达后,当事人应当在行政处罚决定书载明的期限内予以履行。
当事人确有经济困难,可以提出延期或者分期缴纳罚款的申请,并提交书面材料。经案件承办人审核,确定延期或者分期缴纳罚款的期限和金额,报网信部门负责人批准后,可以暂缓或者分期缴纳。
第四十七条网络运营者违反相关法律、法规、规章,需由电信主管部门关闭网站、吊销互联网信息服务增值电信业务经营许可证或者取消备案的,转电信主管部门处理。
第四十八条当事人对行政处罚决定不服的,有权依法申请行政复议或者提起行政诉讼。
当事人对行政处罚决定不服,申请行政复议或者提起行政诉讼的,行政处罚不停止执行,法律另有规定的除外。
当事人申请行政复议或者提起行政诉讼的,加处罚款的数额在行政复议或者行政诉讼期间不予计算。
第四十九条当事人逾期不履行行政处罚决定的,作出行政处罚决定的网信部门可以采取下列措施:
(一)到期不缴纳罚款的,每日按罚款数额的百分之三加处罚款,加处罚款的数额不得超出罚款的数额;
(二)依照《中华人民共和国行政强制法》的规定申请人民法院强制执行。
网信部门批准延期、分期缴纳罚款的,申请人民法院强制执行的期限,自暂缓或者分期缴纳罚款期限结束之日起计算。
网信部门申请人民法院强制执行前应当填写履行行政处罚决定催告书,书面催告当事人履行义务,并告知履行义务的期限和方式、依法享有的陈述和申辩权,涉及加处罚款的,应当有明确的金额和给付方式。
当事人进行陈述、申辩的,网信部门应当对当事人提出的事实、理由和证据进行记录、复核,并制作陈述申辩笔录、陈述申辩复核意见书。当事人提出的事实、理由或者证据成立的,网信部门应当采纳。
履行行政处罚决定催告书送达十个工作日后,当事人仍未履行处罚决定的,网信部门可以申请人民法院强制执行,并填写行政处罚强制执行申请书。
第五十条行政处罚决定履行或者执行后,适用普通程序的案件有以下情形之一的,执法人员应当填写行政处罚结案报告,将有关案件材料进行整理装订,归档保存。
(一)行政处罚决定履行或者执行完毕的;
(二)人民法院裁定终结执行的;
(三)案件终止调查的;
(四)作出本规定第四十一条第一款第二项至第四项决定的;
(五)其他应当予以结案的情形。
结案后,执法人员应当将案件材料按照档案管理的有关规定立卷归档。案卷归档应当一案一卷、材料齐全、规范有序。
第五十一条网信部门应当依法以文字、音像等形式,对行政处罚的启动、调查取证、审核、决定、送达、执行等进行全过程记录,归档保存。
第五十二条网信部门应当建立健全对行政处罚的监督制度,实施行政处罚应当接受社会监督。公民、法人或者其他组织对网信部门实施行政处罚的行为,有权申诉或者检举;网信部门应当认真审查,发现有错误的,应当主动改正。
第五章 附则
第五十三条本规定中的期限以时、日计算,开始的时和日不计算在内。期限届满的最后一日是法定节假日的,以法定节假日后的第一日为届满的日期。法律、法规另有规定的除外。
第五十四条本规定中的“以上”、“以下”、“内”均包括本数。
第五十五条国家网信部门负责制定行政执法所适用的文书格式范本。各省、自治区、直辖市网信部门可以参照文书格式范本,制定本行政区域行政处罚所适用的文书格式并自行印制。
第五十六条本规定自 年 月 日起施行。2017年5月2日公布的《互联网信息内容管理行政执法程序规定》(国家互联网信息办公室令第2号)同时废止。
