新网安法1月1日施行！AI入法、分级处罚，核心修改一图看

Core Viewpoint - The revised Cybersecurity Law, passed on October 28, 2025, will take effect on January 1, 2026, marking the first significant amendment since its implementation in 2017. The revisions focus on "four enhancements and one connection," including strengthening cybersecurity principles, improving penalties, promoting AI application, and ensuring alignment with personal information protection laws [1][3]. Group 1: Key Enhancements - The new law emphasizes the leadership of the Communist Party and the overall national security concept, stating that cybersecurity work must adhere to these principles [4][9]. - A dedicated clause for artificial intelligence has been added, supporting research and development in AI technologies and establishing ethical norms for AI [5][9]. - The law introduces a tiered penalty system linked to the severity of violations, with fines for serious breaches potentially reaching up to 10 million [10]. Group 2: Legal Responsibilities and Penalties - The law specifies that network operators must handle personal information in compliance with the Cybersecurity Law and other relevant laws, ensuring legal accountability [6][10]. - Penalties for selling or providing unverified cybersecurity products have been clarified, with fines and potential business suspensions for non-compliance [5][7]. - The law expands jurisdiction over foreign entities that threaten China's cybersecurity, allowing for legal actions and asset freezes against them [8][9]. Group 3: Coordination with Other Laws - The revised law enhances coordination with the Civil Code, Personal Information Protection Law, and Data Security Law, ensuring a cohesive legal framework for data handling and cybersecurity [10]. - It includes provisions for lighter penalties under certain circumstances, aligning with the Administrative Penalty Law [10].