China has enacted a significant revision to its Cybersecurity Law, which will take effect on January 1, 2026. The updated legislation, approved by the Standing Committee of the 14th National People’s Congress, places a strong emphasis on advancing artificial intelligence (AI) research and development while imposing harsher penalties for cybersecurity violations. A key addition to the law is the explicit support for foundational AI research, including the development of algorithms, training data resources, and computing infrastructure. The revision also mandates the establishment of robust AI ethics guidelines, enhanced risk monitoring, and safety oversight to ensure the responsible application of AI technologies. Furthermore, the law encourages the integration of AI into innovative cybersecurity management practices to bolster protection levels. The amendments introduce stricter penalties for violations, particularly those involving large-scale data breaches or the loss of functionality in critical information infrastructure. Operators failing to meet cybersecurity obligations could face fines ranging from 500,000 to 10 million yuan, while individuals directly responsible may be fined up to 1 million yuan. The revised law also strengthens enforcement against the dissemination of prohibited information, with fines escalating to 10 million yuan for severe violations. This marks the second revision of the Cybersecurity Law since its inception in 2016, reflecting China’s commitment to addressing emerging challenges in the digital landscape. The NPC official highlighted the law’s role in curbing harmful cyber activities while acknowledging the persistent threats of network intrusions and illegal content dissemination. The amendments aim to refine liabilities, enhance coordination with related laws, and improve the precision and consistency of cybersecurity governance.