China further enhances state secrets protection

06 Mar 2024    4 minute read
CI Featured Content

In brief

On 27 February 2024, China published the amended Law on Guarding State Secrets ("Amended SSL"), which will take effect on 1 May 2024. The Amended SSL enhances state secrets protection from multiple aspects, together with the Counterespionage Law amended in 2023, the National Security Law, and other national security related laws and regulations. The highlights of the Amended SSL are summarized as follows:

Contents

a. More resources dedicated to state secrets protection

The Amended SSL requires both government agencies and relevant entities that involve state secrets to set aside budget for state secrets protection, emphasize protection of IP rights in relevant technologies, and promote talent management in this regard. We expect that state secrets protection is likely to be a more relevant topic for business operators in China, especially in the high-tech sector.

b. Tightening up secrecy classification and labeling requirements

While the definition of "state secrets" remains to be broad and vague, the Amended SSL stipulates the principles of necessity and reasonableness in classifying state secrets. It also proposes to mark out the secret contents if conditions permit, requires the clear labeling of electronic files containing state secrets, and requires government agencies and entities to conduct annual review on the state secrets classified and to de-classify relevant matters in due course. These measures will help increase certainty in determining the scope of state secrets.

c. Improving security management of relevant products, technologies and personnel

The Amended SSL calls for the establishment of a government-led or -driven mechanism to sample and inspect the products and technical devices used for state secrets protection. The IT system storing or processing state secrets is also required to go through regular risk assessment. Personnel with access to state secrets should obtain prior approval before traveling abroad and is restricted from re-employment and traveling abroad according to applicable rules in a stipulated time period upon departure.

d. Additional obligations of government agencies and entities

Government agencies and entities that access state secrets are required to set up a dedicated work function on confidentiality work or designate a dedicated in-charge person. They are also required to protect "work secrets," which refer to the information they generate or acquire through performing their duties, which are not state secrets but may cause certain negative impact, in accordance with the "Measures for the Management of Work Secrets" to be issued separately.

e. Expanded investigative powers

The Amended SSL expands investigative powers of the National Administration for the Protection of State Secrets and its local counterparts, including seizing relevant files and devices, interrogating relevant personnel, and carrying out technical surveillance as needed. The regulators will establish a cross-departmental security monitoring mechanism to prevent the leakage of data that would constitute state secrets after being aggregated or correlated. Internet operators are explicitly required to cooperate with the investigations conducted by various regulators by taking various measures such as ceasing transmission, keeping records or deleting information, on top of the general cooperation obligation imposed on all individuals and entities.

Practical implications

The Amended SSL aims to strengthen state secrets protection under the new context involving various geopolitical, business and technology considerations. It is also amid the efforts to strike a balance between safeguarding national security and promoting economic development. We take the view that its impact on the ordinary course of business operation for most multinational companies should not be substantial. Still, it is advisable for companies to improve awareness of state secrets protection and adopt operational measures to strengthen data management, especially for those companies who are in strategic sectors (e.g., high-tech, healthcare and financial industries), those who interact frequently with state-owned enterprises, or those who are critical information infrastructure operators and other strategic players.

LOGO BM-FenXun bold-RGB (003)

Baker & McKenzie FenXun (FTZ) Joint Operation Office is a joint operation between Baker & McKenzie LLP, an Illinois limited liability partnership, and FenXun Partners, a Chinese law firm. The Joint Operation has been approved by the Shanghai Justice Bureau. In accordance with the common terminology used in professional service organisations, reference to a "partner" means a person who is a partner, or equivalent, in such a law firm.  This may qualify as “Attorney Advertising” requiring notice in some jurisdictions.  Prior results do not guarantee a similar outcome.

This client alert has been prepared for clients and professional associates of Baker & McKenzie FenXun (FTZ) Joint Operation Office. Whilst every effort has been made to ensure accuracy, this client alert is not an exhaustive treatment of the area of law discussed and no responsibility for any loss occasioned to any person acting or refraining from action as a result of material in this presentation is accepted by Baker & McKenzie FenXun (FTZ) Joint Operation Office.
 

Contact Information
Vivian Wu
Partner
Beijing
vivian.wu@bakermckenziefenxun.com
Yiwei Sun
Associate
Beijing
yiwei.sun@bakermckenziefenxun.com

Copyright © 2025 Baker & McKenzie. All rights reserved. Ownership: This documentation and content (Content) is a proprietary resource owned exclusively by Baker McKenzie (meaning Baker & McKenzie International and its member firms). The Content is protected under international copyright conventions. Use of this Content does not of itself create a contractual relationship, nor any attorney/client relationship, between Baker McKenzie and any person. Non-reliance and exclusion: All Content is for informational purposes only and may not reflect the most current legal and regulatory developments. All summaries of the laws, regulations and practice are subject to change. The Content is not offered as legal or professional advice for any specific matter. It is not intended to be a substitute for reference to (and compliance with) the detailed provisions of applicable laws, rules, regulations or forms. Legal advice should always be sought before taking any action or refraining from taking any action based on any Content. Baker McKenzie and the editors and the contributing authors do not guarantee the accuracy of the Content and expressly disclaim any and all liability to any person in respect of the consequences of anything done or permitted to be done or omitted to be done wholly or partly in reliance upon the whole or any part of the Content. The Content may contain links to external websites and external websites may link to the Content. Baker McKenzie is not responsible for the content or operation of any such external sites and disclaims all liability, howsoever occurring, in respect of the content or operation of any such external websites. Attorney Advertising: This Content may qualify as “Attorney Advertising” requiring notice in some jurisdictions. To the extent that this Content may qualify as Attorney Advertising, PRIOR RESULTS DO NOT GUARANTEE A SIMILAR OUTCOME. Reproduction: Reproduction of reasonable portions of the Content is permitted provided that (i) such reproductions are made available free of charge and for non-commercial purposes, (ii) such reproductions are properly attributed to Baker McKenzie, (iii) the portion of the Content being reproduced is not altered or made available in a manner that modifies the Content or presents the Content being reproduced in a false light and (iv) notice is made to the disclaimers included on the Content. The permission to re-copy does not allow for incorporation of any substantial portion of the Content in any work or publication, whether in hard copy, electronic or any other form or for commercial purposes.