Article 1 This Law is formulated for the purpose of ensuring network security, safeguarding cyberspace sovereignty, national security and social interests, protecting the legitimate rights and interests of citizens, legal persons and other organizations, and promoting the healthy development of economic and social informatization.
Article 2 This Law is applicable to the construction, operation, maintenance and use of networks in People's Republic of China (PRC), as well as the supervision and management of network security.
Article 3 The State adheres to the principle of paying equal attention to network security and informatization development, and follows the principles of active utilization, scientific development, management according to law and ensuring security, promoting the construction and interconnection of network infrastructure, encouraging the innovation and application of network technology, supporting the training of network security personnel, establishing and improving the network security guarantee system and improving the network security protection capability.
Article 4 The state formulates and constantly improves the network security strategy, defines the basic requirements and main objectives for ensuring network security, and puts forward the network security policies, tasks and measures in key areas.
Article 5 The State shall take measures to monitor, defend and respond to cyber security risks and threats from the people of China and at home and abroad, protect important information infrastructure from attacks, intrusions, interference and destruction, punish illegal and criminal activities on the Internet according to law, and maintain security and order in cyberspace.
Article 6 The State advocates honest, trustworthy, healthy and civilized cyber behavior, promotes the dissemination of socialist core values, and takes measures to raise the awareness and level of cyber security of the whole society, thus forming a good environment for the whole society to participate in promoting cyber security.
Article 7 The State shall actively carry out international exchanges and cooperation in cyberspace governance, research and development of network technology, standard setting and combating cybercrime, promote the construction of a peaceful, safe, open and cooperative cyberspace, and establish a multilateral, democratic and transparent network governance system.
Article 8 The National Network Information Department is responsible for coordinating network security and related supervision and management. The State Council telecommunications authorities, public security departments and other relevant departments are responsible for network security protection, supervision and management within the scope of their respective responsibilities and in accordance with this Law and relevant laws and administrative regulations.
The responsibilities of network security protection and supervision and management of relevant departments of local people's governments at or above the county level shall be determined in accordance with relevant state regulations.
Article 9 When engaging in business and service activities, network operators must abide by laws and administrative regulations, respect social ethics, abide by business ethics, be honest and trustworthy, fulfill their obligations of network security protection, accept government and social supervision, and assume social responsibilities.
Article 10 When constructing and operating a network or providing services through the network, technical measures and other necessary measures shall be taken in accordance with the provisions of laws, administrative regulations and mandatory requirements of national standards to ensure the safe and stable operation of the network, effectively respond to network security incidents, prevent illegal and criminal activities on the network, and maintain the integrity, confidentiality and availability of network data.
Eleventh network-related industry organizations in accordance with the articles of association, strengthen industry self-discipline, formulate norms of network security behavior, guide members to strengthen network security protection, improve the level of network security protection, and promote the healthy development of the industry.
Article 12 The state protects the rights of citizens, legal persons and other organizations to use the Internet according to law, promotes the popularization of network access, improves the level of network services, provides safe and convenient network services for the society, and ensures the orderly and free flow of network information according to law.
When using the Internet, any individual or organization shall abide by the constitutional law, observe public order and respect social morality, and shall not endanger network security, use the Internet to endanger national security, honor and interests, incite subversion of state power and overthrow the socialist system, incite secession, undermine national unity, publicize terrorism and extremism, publicize ethnic hatred and discrimination, disseminate violent, obscene and pornographic information, fabricate and disseminate false information, and disrupt economic order.
Article 13 The State supports the research and development of network products and services conducive to the healthy growth of minors, punishes activities that endanger the physical and mental health of minors by using the network according to law, and provides a safe and healthy network environment for minors.
Fourteenth any individual or organization has the right to report acts that endanger network security to the departments of network information, telecommunications and public security. The department that receives the report shall promptly handle it according to law; If it does not belong to the responsibilities of this department, it shall be transferred to the department that has the right to handle it in time.
The relevant departments shall keep confidential the relevant information of informants and protect their legitimate rights and interests.
Chapter II Network Security Support and Promotion
Article 15 The State shall establish and improve the network security standard system. The State Council standardization administrative department and other relevant departments in the State Council shall, according to their respective functions and duties, organize the formulation and timely revision of national standards and industry standards related to network security management and network products, services and operation safety.
The state supports enterprises, scientific research institutions, universities and network-related industry organizations to participate in the formulation of national and industry standards for network security.
Article 16 the State Council and the people's governments of provinces, autonomous regions and municipalities directly under the Central Government should make overall plans, increase investment, support key network security technology industries and projects, support the research, development and application of network security technology, promote safe and reliable network products and services, protect the intellectual property rights of network technology, and support enterprises, research institutions and institutions of higher learning to participate in the national network security technology innovation project.
Article 17 The State promotes the construction of socialized network security service system, and encourages relevant enterprises and institutions to provide network security services such as certification, testing and risk assessment.
Article 18 The State encourages the development of network data security protection and utilization technologies, promotes the opening of public data resources, and promotes technological innovation and economic and social development.
The state supports the innovation of network security management methods and the application of new network technologies to improve the level of network security protection.
Nineteenth people's governments at all levels and their relevant departments shall regularly organize publicity and education on network security, guide and urge relevant units to do a good job in publicity and education on network security.
The mass media should carry out targeted publicity and education on network security for the society.
Article 20 The State supports enterprises, institutions of higher learning, vocational schools and other education and training institutions to carry out education and training related to network security, adopt various ways to cultivate network security talents, and promote the exchange of network security talents.
Chapter III Network Operation Security
Section 1 General Provisions
Article 21 The State implements a network security level protection system. Network operators shall, in accordance with the requirements of the network security level protection system, perform the following security protection obligations, protect the network from interference, destruction or unauthorized access, and prevent network data from being leaked, stolen or tampered with:
(a) to formulate internal security management systems and operating procedures, determine the person in charge of network security, and implement the responsibility of network security protection;
(two) to take technical measures to prevent computer viruses and network attacks, network intrusion and other acts that endanger network security;
(three) to take technical measures to monitor and record the network operation status and network security incidents, and keep the relevant network logs for not less than six months in accordance with the regulations;
(four) take measures such as data classification, important data backup and encryption;
(5) Other obligations stipulated by laws and administrative regulations.
Twenty-second network products and services should meet the mandatory requirements of relevant national standards. Providers of network products and services shall not set up malicious programs; When it is found that there are risks such as security defects and loopholes in its network products and services, it shall immediately take remedial measures, inform users in a timely manner according to regulations, and report to the relevant competent departments.
Network products and service providers should provide continuous security maintenance for their products and services; The provision of safety maintenance shall not be terminated within the time limit stipulated or agreed by both parties.
If a network product or service has the function of collecting user information, its provider shall express it to the user and obtain consent; Where personal information of users is involved, the provisions of this law and relevant laws and administrative regulations on the protection of personal information shall also be observed.
Twenty-third network key equipment and network security products should meet the mandatory requirements of relevant national standards, and can be sold or provided only after they have been certified or tested by qualified institutions. The national network information department shall, jointly with the relevant departments of the State Council, formulate and publish the catalogue of key network equipment and special products for network security, promote mutual recognition of safety certification and safety testing results, and avoid repeated certification and testing.
Article 24 When a network operator handles network access and domain name registration services for users, handles network access procedures such as fixed telephones and mobile phones, or provides services such as information dissemination and instant messaging for users, it shall require users to provide real identity information when signing an agreement with users or confirming the provision of services. If the user does not provide true identity information, the network operator shall not provide relevant services for him.
The state implements the network trusted identity strategy, supports the research and development of safe and convenient electronic authentication technology, and promotes mutual recognition between different electronic authentications.
Twenty-fifth network operators should formulate emergency plans for network security incidents to deal with security risks such as system vulnerabilities, computer viruses, network attacks and network intrusions in a timely manner; In the event of an incident that endangers network security, immediately start the emergency plan, take corresponding remedial measures, and report to the relevant competent authorities as required.
Twenty-sixth to carry out network security authentication, detection, risk assessment and other activities, release system vulnerabilities, computer viruses, network attacks, network intrusion and other network security information. Announced to the public, it shall abide by the relevant provisions of the state.
Twenty-seventh any individual or organization shall not engage in illegal intrusion into other people's networks, interfere with the normal functions of other people's networks, steal network data and other activities that endanger network security; Do not provide programs and tools specially used to engage in activities that endanger network security, such as invading the network, interfering with the normal functions and protective measures of the network, and stealing network data; Knowing that others are engaged in activities that endanger network security, they shall not provide technical support, advertising promotion, payment and settlement services.
Twenty-eighth network operators should provide technical support and assistance for the activities of public security organs and state security organs to safeguard national security and investigate crimes according to law.
Article 29 The state supports network operators to cooperate in the collection, analysis, notification and emergency response of network security information, so as to improve the security guarantee capability of network operators.
Relevant industry organizations should establish and improve the norms and cooperation mechanisms of network security protection in their own industries, strengthen the analysis and evaluation of network security risks, regularly give risk warnings to members, and support and assist members in coping with network security risks.
Thirtieth the information obtained by the network information department and the relevant departments in performing the duties of network security protection can only be used for the needs of maintaining network security and shall not be used for other purposes.
Section 2 Operation Safety of Key Information Infrastructure
Article 31 On the basis of the network security level protection system, the state gives priority protection to important industries and fields such as public communication and information services, energy, transportation, water conservancy, finance, public services, e-government, and other key information infrastructures that may seriously endanger national security, national economy and people's livelihood and public interests. The specific scope of key information infrastructure and security protection measures shall be stipulated by the State Council.
The state encourages network operators outside the key information infrastructure to voluntarily participate in the key information infrastructure protection system.
Article 32 In accordance with the division of responsibilities stipulated by the State Council, the departments responsible for the security protection of important information infrastructures shall respectively prepare and organize the implementation of the security plans of important information infrastructures in their own industries and fields, and guide and supervise the security protection of important information infrastructures.
Thirty-third key information infrastructure construction should ensure that it has the performance of supporting the stable and continuous operation of the business, and ensure that the safety technical measures are planned, constructed and used simultaneously.
Article 34 In addition to the provisions of Article 21 of this Law, key information infrastructure operators shall also perform the following security protection obligations:
(a) the establishment of a special safety management organization and safety management person in charge, and the safety background review of the person in charge and key positions;
(2) Conducting cyber security education, technical training and skill assessment for employees on a regular basis;
(3) Disaster recovery backup of important systems and databases;
(four) to formulate emergency plans for network security incidents and conduct regular drills;
(5) Other obligations stipulated by laws and administrative regulations.
Thirty-fifth key information infrastructure operators to purchase network products and services that may affect national security shall pass the national security review organized by the national network information department in conjunction with the relevant departments of the State Council.
Thirty-sixth key information infrastructure operators to buy network products and services, should be in accordance with the provisions of the security agreement with the provider, clear security obligations and responsibilities.
Article 37 Personal information and important data collected and generated by key information infrastructure operators in People's Republic of China (PRC) shall be stored in China. If it is really necessary to provide it overseas due to business needs, it shall conduct safety assessment in accordance with the measures formulated by the national network information department in conjunction with the relevant departments of the State Council; Where laws and administrative regulations provide otherwise, such provisions shall prevail.
Thirty-eighth key information infrastructure operators should check and evaluate the security and possible risks of their networks at least once a year, and submit the inspection, evaluation and improvement measures to the relevant departments responsible for the security protection of key information infrastructure.
Article 39 The Ministry of Network Information shall coordinate relevant departments to take the following measures to protect the security of key information infrastructure:
(a) to spot check the security risks of key information infrastructure, put forward improvement measures, and entrust network security service agencies to detect and evaluate the security risks existing in the network when necessary;
(2) Organizing key information infrastructure operators to regularly carry out cyber security emergency drills to improve the level and coordination ability of responding to cyber security incidents;
(3) Promoting the sharing of network security information among relevant departments, key information infrastructure operators, relevant research institutions and network security service institutions;
(four) to provide technical support and help for the emergency handling of network security incidents and the recovery of network functions.
Chapter IV Network Information Security
Fortieth network operators should keep the user information they collect strictly confidential and establish and improve the user information protection system.
Article 41 When collecting and using personal information, network operators shall follow the principles of legality, fairness and necessity, make public the rules of collection and use, clearly state the purpose, manner and scope of collection and use of information, and obtain the consent of the person being collected.
Network operators shall not collect personal information irrelevant to the services they provide, and shall not collect and use personal information in violation of the provisions of laws and administrative regulations and the agreement between the two parties, and shall handle the personal information they save in accordance with the provisions of laws and administrative regulations and the agreement with users.
Forty-second network operators shall not disclose, tamper with or destroy the personal information they collect; Personal information shall not be provided to others without the consent of the person being collected. However, unless the specific individual cannot be identified after processing and cannot be recovered.
Network operators should take technical measures and other necessary measures to ensure the safety of personal information collected by them and prevent information from being leaked, damaged or lost. When personal information is leaked, damaged or lost, it shall immediately take remedial measures, inform users in a timely manner according to regulations, and report to relevant competent departments.
Article 43 If an individual discovers that a network operator has collected and used his personal information in violation of laws, administrative regulations or the agreement of both parties, he has the right to request the network operator to delete his personal information; If it is found that the personal information collected and stored by the network operator is wrong, it has the right to ask the network operator to correct it. Network operators should take measures to delete or correct them.
Article 44 No individual or organization may steal or obtain personal information by other illegal means, or illegally sell or provide personal information to others.
Forty-fifth departments and their staff who are responsible for the supervision and management of network security according to law must keep the personal information, privacy and business secrets they know in performing their duties strictly confidential, and may not disclose, sell or illegally provide them to others.
Article 46 Any individual or organization shall be responsible for its use of the Internet, and shall not set up websites or distribution groups that commit illegal and criminal activities such as fraud, teaching criminal methods, making or selling prohibited items and controlled items, or use the Internet to publish information related to illegal and criminal activities such as fraud, making or selling prohibited items and controlled items.
Forty-seventh network operators should strengthen the management of information released by users. When discovering information that is prohibited by laws and administrative regulations from being published and disseminated, it shall immediately stop the dissemination, take measures such as elimination, prevent the dissemination of information, keep relevant records, and report to the relevant competent departments.
Forty-eighth electronic information sent by any individual or organization and application software provided by any organization shall not contain malicious programs, and shall not contain information prohibited by laws and administrative regulations from being published or disseminated.
Electronic information sending service providers and application software downloading service providers shall fulfill their security management obligations. If it is known that its users have the acts specified in the preceding paragraph, it shall stop providing services, take measures such as elimination, keep relevant records, and report to the relevant competent departments.
Forty-ninth network operators should establish a network information security complaint reporting system, publish information such as complaints and reports, and promptly accept and handle network information security complaints and reports.
Network operators shall cooperate with the supervision and inspection carried out by the network information department and relevant departments according to law.
Article 50 The national network information department and relevant departments shall perform their duties of supervision and management of network information security according to law. When discovering information prohibited by laws and administrative regulations from being published or transmitted, they shall require network operators to stop transmission, take measures such as elimination, and keep relevant records. For the above information from inside and outside People's Republic of China (PRC), the relevant institutions shall be notified to take technical measures and other necessary measures to block the spread.
Chapter V Monitoring, Early Warning and Emergency Disposal
Article 51 The State shall establish a network security monitoring, early warning and information notification system. The national network information department should coordinate relevant departments to strengthen the collection, analysis and notification of network security information, and uniformly release network security monitoring and early warning information in accordance with regulations.
Fifty-second departments responsible for the security protection of key information infrastructure should establish and improve the network security monitoring and early warning and information notification system in their own industries and fields, and submit the network security monitoring and early warning information in accordance with the regulations.
Article 53 The Ministry of Network Information shall coordinate relevant departments to establish and improve the network security risk assessment and emergency work mechanism, formulate emergency plans for network security incidents, and organize regular drills.
The department responsible for the security protection of key information infrastructure shall formulate emergency plans for network security incidents in its own industry and field, and organize regular drills.
The emergency plan for network security incidents should classify network security incidents according to the degree of harm and the scope of influence after the incident, and stipulate corresponding emergency measures.
Article 54 When the risk of network security incidents increases, the relevant departments of the people's governments at or above the provincial level shall take the following measures according to the characteristics of network security risks and possible harm, and in accordance with the prescribed authority and procedures:
(a) require relevant departments, institutions and personnel to collect and report relevant information in a timely manner, and strengthen the monitoring of network security risks;
(2) Organizing relevant departments, institutions and professionals to analyze and evaluate network security risk information, and predict the possibility, influence scope and harm degree of the event;
(three) to release the network security risk warning to the society, and to release the measures to avoid and mitigate the harm.
Article 55 When a network security incident occurs, an emergency plan for the network security incident shall be launched immediately to investigate and evaluate the network security incident. Network operators are required to take technical measures and other necessary measures to eliminate potential safety hazards, prevent harm from expanding, and release relevant early warning information to the public in time.
Article 56 If the relevant departments of the people's governments at or above the provincial level find that there are major security risks or security incidents in the network when performing their duties of network security supervision and management, they can interview the legal representative or principal responsible person of the network operator according to the prescribed authority and procedures. Network operators should take measures to rectify and eliminate hidden dangers as required.
Fifty-seventh emergencies or production safety accidents due to network security incidents shall be handled in accordance with the Law of People's Republic of China (PRC) on Emergency Response, the Law of People's Republic of China (PRC) on Work Safety and other relevant laws and administrative regulations.
Article 58 In order to safeguard national security and social public order and respond to major social security emergencies, the State Council has decided or approved to take temporary measures such as restricting network communication in specific areas.
Chapter VI Legal Liability
Article 59 If a network operator fails to fulfill the obligations of network security protection stipulated in Articles 21 and 25 of this Law, the relevant competent department shall order it to make corrections and give a warning; Those who refuse to correct or lead to the consequences of endangering network security shall be fined 1 10,000 yuan or more110,000 yuan or less, and the directly responsible person in charge shall be fined 5,000 yuan or more and 50,000 yuan or less.
If the operators of key information infrastructure fail to fulfill the obligations of network security protection stipulated in Articles 33, 34, 36 and 38 of this Law, the relevant competent authorities shall order them to make corrections and give them a warning; Those who refuse to correct or lead to the consequences of endangering network security shall be fined not less than 100,000 yuan but not more than 1 million yuan, and those directly in charge shall be fined not less than 10,000 yuan but not more than 100,000 yuan.
Article 60 Anyone who violates the provisions of the first and second paragraphs of Article 22 and the first paragraph of Article 48 of this Law and commits any of the following acts shall be ordered by the relevant competent department to make corrections and given a warning; Those who refuse to correct or lead to the consequences of endangering network security shall be fined between 50,000 yuan and 500,000 yuan, and those who are directly in charge shall be fined between 10,000 yuan and 100,000 yuan:
(1) Setting up malicious programs;
(2) Failing to take immediate remedial measures for risks such as safety defects and loopholes in its products and services, or failing to inform users in time and report to the relevant competent authorities in accordance with regulations;
(three) to terminate the provision of safety maintenance for its products and services without authorization.
Article 61 If a network operator violates the provisions of the first paragraph of Article 24 of this Law by not asking users to provide true identity information or providing relevant services to users who have not provided true identity information, the relevant competent department shall order it to make corrections; Refuses to correct or if the circumstances are serious, a fine of more than 50,000 yuan and less than 500,000 yuan may be imposed, and the relevant competent department shall order it to suspend relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke its business license, and impose a fine of more than 10,000 yuan and less than 100,000 yuan on the directly responsible person in charge and other directly responsible personnel.
Article 62 Whoever, in violation of the provisions of Article 26 of this Law, conducts activities such as network security authentication, detection and risk assessment, or releases network security information such as system vulnerabilities, computer viruses, network attacks and network intrusions to the society, shall be ordered by the relevant competent department to make corrections and given a warning; Those who refuse to make corrections or if the circumstances are serious may be fined 1 10,000 yuan or more10,000 yuan or less, and the relevant competent department shall order them to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license, and impose a fine of 5,000 yuan or more and 50,000 yuan or less on the directly responsible personnel.
Article 63 Whoever, in violation of the provisions of Article 27 of this Law, engages in activities endangering network security, or provides programs and tools specially used for engaging in activities endangering network security, or provides technical support, advertising, payment and settlement for others engaging in activities endangering network security, which does not constitute a crime, shall be confiscated by the public security organ, detained for not more than five days, and may also be fined not less than 50,000 yuan but not more than 500,000 yuan; If the circumstances are serious, they shall be detained for not less than five days but not more than fifteen days, and may also be fined not less than one hundred thousand yuan but not more than one million yuan.
If a unit commits the acts mentioned in the preceding paragraph, the illegal income shall be confiscated by the public security organ, and a fine of100000 yuan or more1000000 yuan or less shall be imposed, and the directly responsible person in charge and other directly responsible personnel shall be punished in accordance with the provisions of the preceding paragraph.
Persons who violate the provisions of Article 27 of this Law and are punished by public security administration shall not engage in the work of key positions in network security management and network operation within five years; Persons subject to criminal punishment shall not engage in key positions in network security management and network operation for life.
Article 64 If a network operator or network product service provider violates the provisions of the third paragraph of Article 22 and Articles 41 to 43 of this Law and infringes upon the legally protected personal information rights, the relevant competent department shall order it to make corrections, and may, according to the circumstances, impose a single punishment or a warning, confiscate the illegal income and impose a fine of not less than one time but not more than ten times the illegal income; If there is no illegal income, a fine of not more than 1 million yuan shall be imposed, and a fine of not less than 10,000 yuan but not more than 100,000 yuan shall be imposed on the person directly responsible. If the circumstances are serious, it may be ordered to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license.
Whoever, in violation of the provisions of Article 44 of this Law, steals or obtains, illegally sells or illegally provides other people's personal information by other illegal means, which does not constitute a crime, shall be confiscated by the public security organ and fined between one and ten times the illegal income. If there is no illegal income, a fine of less than one million yuan shall be imposed.
Article 65 If an operator of key information infrastructure violates the provisions of Article 35 of this Law and uses a network product or service that has not passed the security review or failed the security review, the relevant competent department shall order him to stop using it and impose a fine of 1 times or more and 10 times or less; The directly responsible person in charge and other directly responsible personnel shall be fined 1 more than 10,000 yuan1less than 0,000 yuan.
Article 66 Where an operator of key information infrastructure violates the provisions of Article 37 of this Law by storing network data abroad or providing network data abroad, the relevant competent department shall order him to make corrections, give him a warning, confiscate his illegal income, and impose a fine of not less than 50,000 yuan but not more than 500,000 yuan, and may also order him to suspend business, suspend business for rectification, close the website, revoke the relevant business license or revoke his business license; The directly responsible person in charge and other directly responsible personnel shall be fined 1 more than 10,000 yuan1less than 0,000 yuan.
Article 67 Whoever, in violation of the provisions of Article 46 of this Law, establishes a website or a distribution group to carry out illegal and criminal activities, or uses the Internet to publish information related to the implementation of illegal and criminal activities, which does not constitute a crime, shall be detained by the public security organ for not more than five days, and may also be fined not less than 10,000 yuan but not more than 100,000 yuan; If the circumstances are serious, they shall be detained for not less than five days but not more than fifteen days, and may be fined not less than 50,000 yuan but not more than 500,000 yuan. Shut down websites and distribution groups used to carry out illegal and criminal activities.
If a unit commits the acts mentioned in the preceding paragraph, the public security organ shall impose a fine of not less than 100,000 yuan but not more than 500,000 yuan, and the directly responsible person in charge and other directly responsible personnel shall be punished in accordance with the provisions of the preceding paragraph.
Article 68 If a network operator, in violation of the provisions of Article 47 of this Law, fails to stop transmitting information prohibited by laws and administrative regulations, takes measures such as elimination and keeps relevant records, the relevant competent department shall order it to make corrections, give it a warning and confiscate its illegal income; Those who refuse to make corrections or if the circumstances are serious may be fined from 100,000 yuan to 500,000 yuan, and may be ordered to suspend business, suspend business for rectification, close the website, revoke the relevant business license or revoke the business license, and the directly responsible person in charge and other directly responsible personnel may be fined from 10,000 yuan to 100,000 yuan.
If an electronic information sending service provider or an application software downloading service provider fails to fulfill the safety management obligations stipulated in the second paragraph of Article 48 of this Law, they shall be punished in accordance with the provisions of the preceding paragraph.
Sixty-ninth network operators in violation of the provisions of this law, one of the following acts, the relevant competent departments shall be ordered to correct; Refuses to correct or if the circumstances are serious, a fine of not less than 50,000 yuan but not more than 500,000 yuan shall be imposed, and a fine of not less than 10,000 yuan but not more than 100,000 yuan shall be imposed on the directly responsible person in charge and other directly responsible personnel:
(a) not in accordance with the requirements of the relevant departments