China's top Internet regulator on Wednesday started soliciting public opinions on a draft regulation for the issuance of cybersecurity threat information.
According to the draft regulation released by the Cyberspace Administration of China, cybersecurity threat information includes information on actions that threaten normal network operation and information that might expose network vulnerabilities.
The draft regulation stipulates that cybersecurity threat information should not contain any content that can be readily used to harm network operation such as the source codes and methods for making malicious software, detailed information that fully outlines the process of network attacks and intrusions, and breached data.
Cybersecurity incidents including attacks, damages and intrusions of networks and information systems should not be released before the incidents are reported to local public security departments at the city level or above.
Without approval and authorization of government departments, cybersecurity threat information issued by any enterprise, organization or individual should not contain "warning" in its title, the draft regulation says.