On 30 October 2019 the Shanghai Cyberspace Administration released the 2019 Network Security Incident Contingency Plan.(1)

According to the contingency plan, the response levels to network security incidents in Shanghai are classified as Grade I, Grade II, Grade III and Grade IV, which correspond to an 'extraordinarily serious network security incident', a 'serious network security incident', a 'relatively serious network security incident' and an 'ordinary network security incident', respectively.

If a network security incident occurs, the relevant entity must report it to the competent authority verbally within half an hour and in writing within one hour. If a security incident is deemed to surpass the relatively serious level, the competent authority must be informed immediately. After being informed, the competent authority should respond to the incident and organise the relevant stakeholders to implement disposal measures.


(1) Further information is available here.

This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.