On April 26, 2021, the Ministry of State Security (MSS) promulgated the Regulations on Counter-Espionage Security Precautions (hereinafter referred to as the ‘Regulations’) (Decree No. 1 of the Ministry of State Security of the People’s Republic of China, 2021), effective from the date of promulgation.

The Regulations thoroughly implement the decisions and deployments of the Party Central Committee with Comrade Xi Jinping at its core. Based on the ‘National Security Law of the People’s Republic of China,’ the ‘Anti-Espionage Law of the People’s Republic of China,’ its implementing rules, and other relevant laws and regulations, it standardizes counter-espionage security precaution work. It clarifies that this work should adhere to centralized leadership, uphold the holistic view of national security, combine specialized work with the mass line, integrate human, physical, and technical defenses, strictly abide by legal authority and procedures, respect and protect human rights, and safeguard the legitimate rights and interests of citizens and organizations.

The Regulations strictly adhere to superior laws and regulations, aiming to establish a counter-espionage security precaution responsibility system. It clarifies that government agencies, organizations, enterprises, public institutions, and other social organizations bear primary responsibility for counter-espionage security precaution work within their units. Industry competent authorities are responsible for supervising and managing this work within their sectors, while national security agencies provide professional guidance and conduct supervision and inspection according to their administrative authority.

The Regulations strictly adhere to the statutory duties and powers of national security agencies, standardizing their counter-espionage security precaution guidance and inspection work. It clarifies that national security agencies can provide guidance through various means, including work manuals, guidelines, written opinions, training, meetings, reminders, and warnings. In cases of identified risks, reported issues, or unit applications, and with approval from a national security agency head at or above the districted-city level, inspections can be conducted. Furthermore, the Regulations outline mechanisms for national security agencies to collaborate with relevant departments on publicity and education, handle public reports, and implement commendations and rewards.

For units failing to implement counter-espionage security precaution responsibilities, the Regulations state that national security agencies may lawfully order rectification within a specified period or interview relevant responsible persons, urging units to rectify problems and fulfill responsibilities. Furthermore, for units and staff who fail to perform or improperly perform their counter-espionage security precaution responsibilities and obligations, resulting in adverse consequences, national security agencies may transfer problem clues to relevant authorities, suggesting they handle the matter according to regulations, discipline, and law. If a crime is constituted, criminal liability shall be pursued according to law.

A relevant official from the Ministry of State Security stated that the formulation of the Regulations is a concrete manifestation of national security agencies implementing Xi Jinping Thought on the Rule of Law. It is of great significance for improving the legal system and safeguards for national security, strengthening the people’s defense line for national security, and standardizing and strengthening counter-espionage security precaution work. Next, national security agencies at all levels will conscientiously implement the Regulations, fully utilizing rule-of-law thinking and methods in their work to better organize and mobilize all societal forces to jointly prevent and stop espionage and other acts endangering national security, thereby effectively building a strong national security barrier.

Regulations on Counter-Espionage Security Precautions

(Promulgated on April 26, 2021, by Decree No. 1 of the Ministry of State Security of the People’s Republic of China, 2021, and effective from the date of promulgation)

Chapter I General Provisions

Article 1 These Regulations are formulated in accordance with the ‘National Security Law of the People’s Republic of China,’ the ‘Anti-Espionage Law of the People’s Republic of China,’ the ‘Implementing Rules of the Anti-Espionage Law of the People’s Republic of China,’ and other relevant laws and regulations, to strengthen and standardize counter-espionage security precaution work and urge government agencies, organizations, enterprises, public institutions, and other social organizations to implement counter-espionage security precaution responsibilities.

Article 2 These Regulations apply to government agencies, organizations, enterprises, public institutions, and other social organizations that carry out counter-espionage security precaution work under the coordination and guidance of national security agencies.

Article 3 Counter-espionage security precaution work should adhere to centralized leadership, uphold the holistic view of national security, combine specialized work with the mass line, integrate human, physical, and technical defenses, strictly abide by legal authority and procedures, respect and protect human rights, and safeguard the legitimate rights and interests of citizens and organizations.

Article 4 Government agencies, organizations, enterprises, public institutions, and other social organizations bear primary responsibility for counter-espionage security precaution work within their units. They shall educate their personnel on safeguarding national security and mobilize and organize them to prevent and stop espionage and other acts endangering national security.

Industry competent authorities, within their scope of authority, shall supervise and manage counter-espionage security precaution work within their respective sectors.

Article 5 National security agencies at all levels, according to their administrative authority, shall lawfully provide professional guidance and conduct supervision and inspection for counter-espionage security precaution work carried out by government agencies, organizations, enterprises, public institutions, and other social organizations.

Article 6 National security agencies and their staff shall strictly keep confidential national secrets, work secrets, commercial secrets, personal privacy, and personal information learned during the performance of their duties in counter-espionage security precaution guidance and inspection work, and shall not disclose or illegally provide them to others.

Chapter II Counter-Espionage Security Precaution Responsibilities

Article 7 Industry competent authorities shall fulfill the following supervisory and management responsibilities for counter-espionage security precautions:

(1) Based on the characteristics of their respective industries, clarify the requirements for counter-espionage security precaution work within their industries;

(2) Cooperate with national security agencies in formulating a list of key units for counter-espionage security precautions in their industries and carry out counter-espionage security precaution work;

(3) Guide and urge key units within their industries to fulfill their counter-espionage security precaution obligations;

(4) Other industry management responsibilities for counter-espionage security precautions that should be fulfilled.

Relevant industry competent authorities shall establish and improve counter-espionage security precaution cooperation mechanisms with national security agencies, strengthening information exchange, consultation, collaborative guidance, and joint supervision and inspection to jointly ensure effective counter-espionage security precaution work.

Article 8 Government agencies, organizations, enterprises, public institutions, and other social organizations shall implement primary responsibility for counter-espionage security precautions and fulfill the following obligations:

(1) Conduct counter-espionage security precaution education and training to enhance the security awareness and response capabilities of their personnel;

(2) Strengthen counter-espionage security precaution management within their units and implement relevant security precaution measures;

(3) Promptly report suspicious circumstances involving espionage or other acts endangering national security to national security agencies;

(4) Provide convenience or other assistance to national security agencies in performing their duties according to law;

(5) Properly respond to and handle emergency situations related to counter-espionage security precautions involving their units and personnel;

(6) Other counter-espionage security precaution obligations that should be fulfilled.

Article 9 National security agencies, in conjunction with relevant departments, shall formulate and regularly adjust a list of key units for counter-espionage security precautions based on factors such as the unit’s nature, industry, secrecy level, foreign involvement, and whether national security incidents have occurred, and inform these key units in writing. In addition to fulfilling the obligations stipulated in Article 8 of these Regulations, key units for counter-espionage security precautions shall also fulfill the following obligations:

(1) Establish and improve counter-espionage security precaution work systems;

(2) Clarify that relevant departments and personnel within their units bear counter-espionage security precaution responsibilities;

(3) Strengthen daily security precaution management of classified matters, locations, carriers, data, positions, and personnel; conduct pre-employment counter-espionage security reviews for classified personnel; and sign security precaution commitment letters with classified personnel;

(4) Organize classified and foreign-related personnel to report national security matters to their units and ensure dynamic management of data and information;

(5) Effectively carry out counter-espionage security precaution work in foreign exchanges and cooperation, and formulate and implement relevant contingency plans and measures;

(6) Effectively carry out pre-departure counter-espionage security precaution education, overseas management, and returnee interviews for their units’ outbound groups, personnel, and long-term overseas staff;

(7) Regularly conduct counter-espionage security precaution education and training for classified and foreign-related personnel;

(8) Equip necessary equipment and facilities in accordance with counter-espionage technical security precaution standards and implement relevant technical security precaution measures;

(9) Regularly conduct self-inspections of the unit’s counter-espionage security precautions, promptly identifying and eliminating security risks.

Article 10 In addition to fulfilling the obligations stipulated in Article 8 of these Regulations, critical information infrastructure operators shall also fulfill the following obligations:

(1) Conduct counter-espionage security reviews for heads of the unit’s security management agencies and personnel in critical positions;

(2) Regularly provide counter-espionage security education and training to employees;

(3) Adopt counter-espionage technical security precautions to prevent and stop espionage activities such as overseas cyberattacks, cyber intrusions, and cyber theft, ensuring the security of network and information core technologies, critical infrastructure, and information systems and data in important fields.

Critical information infrastructure operators listed in the directory of key units for counter-espionage security precautions shall also fulfill the obligations stipulated in Article 9 of these Regulations.

Chapter III Guidance on Counter-Espionage Security Precautions

Article 11 National security agencies may provide guidance to government agencies, organizations, enterprises, public institutions, and other social organizations on implementing counter-espionage security responsibilities through the following methods:

(1) Provide publicity and educational materials such as work manuals and guidelines;

(2) Issue written guidance opinions;

(3) Organize work training;

(4) Convene work meetings;

(5) Provide reminders and warnings;

(6) Other guidance methods.

Article 12 National security agencies regularly analyze the counter-espionage security situation, conduct risk assessments, inform relevant units, and provide opinions and suggestions to relevant units on strengthening and improving counter-espionage security work.

Article 13 National security agencies utilize networks, media platforms, national security education bases (museums), etc., to carry out counter-espionage security publicity and education.

Article 14 National security agencies, in conjunction with education authorities, guide schools in conducting counter-espionage security education for all faculty and students, and strengthen pre-departure counter-espionage security education and post-return interviews for faculty and students participating in overseas study and exchanges.

Article 15 National security agencies, in conjunction with science and technology authorities, guide various research institutions in conducting counter-espionage security education for researchers, and strengthen pre-departure counter-espionage security education and post-return interviews for researchers participating in overseas study and exchanges.

Article 16 National security agencies, in conjunction with relevant departments, organize and mobilize neighborhood (village) committees to cooperate in carrying out mass counter-espionage security publicity and education based on local conditions.

Article 17 National security agencies, in conjunction with publicity authorities, coordinate and guide media such as radio, television, newspapers, and the internet to carry out counter-espionage security publicity activities, produce, publish, and broadcast counter-espionage security public service advertisements, typical cases, educational programs, or other promotional materials, to enhance public awareness of counter-espionage security.

Article 18 Citizens and organizations may report espionage activities and other acts endangering national security, as well as various clues related to counter-espionage security issues, through the national security agency’s 12339 tip-off hotline, online reporting platform, or other reporting methods announced by national security agencies.

Article 19 National security agencies shall strictly maintain the confidentiality of informants and protect their personal and property safety. Without the informant’s consent, their personal information shall not be disclosed or leaked in any way.

If a citizen or their immediate family members face personal safety risks due to reporting espionage activities or other acts endangering national security, they may request protection from national security agencies. National security agencies shall, in conjunction with relevant departments, take protective measures in accordance with the law.

Article 20 For units and individuals who have achieved significant results or made major contributions in counter-espionage security work, and meet one of the following conditions, national security agencies may, in accordance with relevant national regulations and in conjunction with relevant departments and units, give commendations and awards:

(1) Providing important information or clues that play a significant role in national security agencies discovering and solving espionage cases or other cases endangering national security, or in relevant units preventing and eliminating major risks, hidden dangers, or actual threats to national security;

(2) Closely cooperating with national security agencies in performing duties and demonstrating outstanding performance;

(3) Preventing and stopping espionage activities or other acts endangering national security, and demonstrating outstanding performance;

(4) Proactively taking measures to promptly eliminate major risks, hidden dangers, or actual threats to national security within their unit, and recovering significant losses;

(5) Having significant innovations or particularly outstanding achievements in counter-espionage security work;

(6) Making other major contributions to counter-espionage security work.

Chapter IV Counter-Espionage Security Inspections

Article 21 National security agencies may conduct counter-espionage security inspections of government agencies, organizations, enterprises, public institutions, and other social organizations if one of the following circumstances exists, upon approval by the head of a national security agency at or above the districted-city level, and with the issuance of legal documents:

(1) Discovering risks or hidden dangers in counter-espionage security precautions;

(2) Receiving reports of clues regarding counter-espionage security issues;

(3) Based on the application of relevant units;

(4) Due to other needs of counter-espionage security work.

Article 22 National security agencies may inspect the counter-espionage security work of government agencies, organizations, enterprises, public institutions, and other social organizations through the following methods:

(1) Inquiring about the situation from relevant units and personnel;

(2) Reviewing relevant documents;

(3) Listening to explanations of relevant work;

(4) Enter relevant units and premises for on-site inspection;

(5) Inspect electronic communication tools, equipment, and other facilities;

(6) Counter-espionage technical prevention inspection and testing;

(7) Other inspection methods authorized by laws, regulations, and rules.

Article 23 With the approval of the head of a national security agency at or above the prefectural level, national security agencies may conduct counter-espionage technical prevention inspections and tests on relevant parts, premises, buildings, internal equipment and facilities, power systems, computer networks and information systems, and critical information infrastructure of organs, groups, enterprises, public institutions, and other social organizations with potential risks, to prevent, discover, and handle situations that endanger national security.

Article 24 National security agencies may adopt the following methods to conduct counter-espionage technical prevention inspections and tests:

(1) Enter relevant units and premises for on-site technical inspection;

(2) Use specialized equipment to conduct technical testing on relevant parts, premises, links, and networks;

(3) Conduct remote technical testing on relevant equipment and facilities, networks, and systems.

Article 25 When national security agencies conduct on-site counter-espionage technical prevention inspections and tests, there shall be no fewer than two inspectors, who shall present their corresponding credentials.

When national security agencies conduct remote technical testing, they shall inform the tested entity in advance of the testing time, scope, and other matters.

Inspectors and testers shall make inspection and testing records, truthfully documenting the inspection and testing situation.

Article 26 During counter-espionage technical prevention inspections and tests, national security agencies may, to prevent harm from occurring or escalating, lawfully order the inspected entity to take corrective measures such as technical shielding, isolation, dismantling, or ceasing the use of relevant equipment, facilities, networks, and systems, guide and supervise the implementation of relevant measures, and note this in the inspection and testing records.

Article 27 National security agencies may, based on counter-espionage security prevention inspection findings, offer opinions and suggestions to inspected units for strengthening and improving counter-espionage security prevention work, and urge relevant units to fulfill their counter-espionage security prevention responsibilities and obligations.

Chapter 5 Legal Responsibilities

Article 28 If organs, groups, enterprises, public institutions, and other social organizations violate these regulations under any of the following circumstances, national security agencies may lawfully order them to rectify within a specified period. The unit ordered to rectify shall submit a rectification report to the national security agency before the deadline, and the national security agency shall inspect the rectification situation within fifteen working days from the date of receiving the report:

(1) Failing to conscientiously fulfill counter-espionage security prevention responsibilities and obligations, with security prevention measures not implemented or inadequately implemented, and obvious potential problems or risks existing;

(2) Refusing to accept guidance and inspection on counter-espionage security prevention from national security agencies;

(3) Occurrence of espionage cases, defection cases, cases of stealing, prying into, buying, or illegally providing state secrets or intelligence for overseas entities, and other cases or incidents endangering national security;

(4) Discovering suspicious situations involving espionage or other acts endangering national security, and reporting late, omitting reports, or concealing reports, causing adverse consequences or impact;

(5) Failing to cooperate with or obstructing national security agencies in performing their duties according to law.

For those who fail to rectify as required or fail to meet rectification requirements, national security agencies may lawfully interview relevant responsible persons and notify the unit’s superior competent authority about the interview.

Article 29 If organs, groups, enterprises, public institutions, and other social organizations and their staff fail to fulfill or fail to fulfill their counter-espionage security prevention responsibilities and obligations as required, causing adverse consequences or impact, national security agencies may transfer problem clues to relevant organs and units, suggesting that they handle the responsible leaders and direct responsible persons in accordance with regulations, disciplines, and laws, based on their management authority. If a crime is constituted, criminal responsibility shall be investigated according to law.

Article 30 If national security agencies and their staff abuse their power, neglect their duties, or engage in malpractices for personal gain during counter-espionage security prevention guidance and inspection, the responsible leaders and direct responsible persons shall be handled in accordance with regulations, disciplines, and laws. If a crime is constituted, criminal responsibility shall be investigated according to law.

Chapter 6 Supplementary Provisions

Article 31 These regulations shall come into force from the date of promulgation.