China’s national security review regime is primarily governed by the Measures on National Security Review of Foreign Investment (NSR Measures), issued on 19 December 2020 by the National Development and Reform Commission (NDRC) and MOFCOM. The NSR Measures build on earlier regulations, including the Circular of the General Office of the State Council on the Establishment of Security Review System Regarding Merger and Acquisition of Domestic Enterprises by Foreign Investors (2011 Circular) and the Measures for the National Security Review of Foreign Investment Pilot Free Trade Zones from the State Council General Office (Free Trade Zone Circular), which technically remain effective but have been rarely applied in practice.
The NSR Measures outline detailed rules for the national security review framework, managed by a Working Mechanism led by the NDRC and MOFCOM. The process consists of two stages: a General Review to assess whether a transaction requires further scrutiny, and a Special Review for a more in-depth assessment if potential national security risks are identified. According to Art. 4 of the Measures, the regime applies to foreign investments that: (i) involve control over enterprises in key sectors, such as critical infrastructure, technology, energy, and information services; or (ii) impact national security through equity acquisitions, asset purchases, or greenfield investments.
Furthermore, "control" is defined broadly, encompassing scenarios where foreign investors hold more than 50% equity, exert significant influence over operations or decision-making, or control key aspects of the business. It is reported that the NSR regime introduces clearer procedures compared to previous rules, it remains opaque regarding timelines, procedural details, and decision outcomes.

In April 2011, the Ministry of Commerce of the People's Republic of China announced anti-dumping duties on non-displacement single-mode optical fibres (used, for example, for long-distance telephony and multichannel television broadcasting systems) (HS code: 9001.1000) imported from the EU and the U.S. This measure was reviewed and extended in April 2017 and, subsequently in April 2022. The duty rate on imports originating from the European Union ranges from 12.9% to 29.1%, depending on the company. The duty rate on imports originating from the United States ranges from 33.3% to 78.2%, depending on the company.

According to Art. 59 of the National Security Law of the People's Republic of China, the State shall establish comprehensive systems and mechanisms for national security review and oversight. These systems shall encompass the review of foreign commercial investments, special items and technologies, internet information technology products and services, projects related to national security, and other significant activities or matters that impact or could impact national security. Art. 60 provides that central state organs shall conduct national security reviews, issue opinions, and supervise enforcement in accordance with legal and administrative regulations. Moreover, Art. 61 mandates that provinces, autonomous regions, and directly governed municipalities shall be responsible for national security review and regulation within their administrative regions, ensuring compliance with the law.

Art. 10 of the Government Procurement Law states that procuring entities must procure domestic goods, construction, and other services, except in one of the following situations: (i) where the goods, construction, or other services needed are not available within the territory of China or cannot be acquired on reasonable commercial terms, even if they are available in China; (ii) where the items to be procured are for use abroad; and (iii) where otherwise provided for by other laws and administrative regulations.
Moreover, the Chinese public procurement regulations actively promote a Buy Chinese policy. In principle, only Chinese companies are allowed to bid in public tenders, with foreign companies permitted only under exceptions. Government agencies and related entities are required to purchase equipment and technology from Chinese state-owned or privately-owned manufacturing companies. It is reported that public tenders often lack sufficient publicity. Furthermore, central and local entities tend to implement these provisions very broadly, exceeding the discriminations imposed by the law.

A report by the National Development and Reform Commission of China and the Ministry of Finance bans the purchase of certain foreign IT products for selected government procurement lists. For example, one government procurement list banned ten Apple Inc. products, including the iPad, iPad Mini, MacBook Air and MacBook Pro.
A separate procurement list includes some Apple computers that departments can continue to buy on a smaller scale, i.e. purchases totalling less than 1.2 million yuan (USD 195,000). Products from Dell Inc., Hewlett-Packard Co. and Chinese maker Lenovo Group Ltd. were included on both lists. This ban applies to all central Communist Party departments, government ministries and local governments.

In June 2014, the Centre of Public Procurement of the Central Government issued the result of the public tender for central government procurement of electronic information products of 2014 (Vol. 21, GC-HJ140283). Under the "Antivirus Software" category, all foreign security providers such as Kaspersky and Symantec were excluded from the list. Only five Chinese providers, i.e. 360, Jiangmin, Rising, Kingsoft, and KILL, are listed for national security consideration.

The Administrative Measures for the Multi-level Protection of Information Security (MLPS) require all IT systems in China to be classified into different levels of security, from one to five (with the most sensitive systems designated as level 5). In 2019, the MLPS 2.0 (composed by GB/T 22239-2019, GB/T 25070-2019, and GB/T 28448-2019) has expanded the definition of 'information systems' to broader systems, including network infrastructure, cloud computing systems, mobile application platforms, connected devices and industrial control systems.
The MLPS 2.0 requires networks of level 3 and above to adopt network products and services appropriate to their security protection levels. Companies classified as level 2 and above require the procurement and use of encryption products and services to be preapproved by the Chinese government. Under the MLPS 2.0, companies must self-assess their security management and compliance, and such assessment results must be evaluated and endorsed by the MLPS regulatory body.
The MLPS 2.0 requires companies in China to set up their cloud infrastructure, including servers, virtualised networks, software, and information systems. Such cloud infrastructures are subject to testing and evaluation by the Chinese government. Overseas operation and maintenance of Chinese cloud computing platforms must also follow Chinese laws and regulations. The national standards also state that customers' data and users' personal information processed by cloud service providers should be stored inside China, which is an additional requirement. It is currently uncertain how these national standards would be enforced, and there have not yet been reports of enforcement.

Imported and exported encryption products must be certified by the Office of State Commercial Cryptography Administration (OSCCA). The use of encryption products without OSCCA certification is prohibited, regardless of the public, commercial or individual nature of use. However, it is reported that, in practice, only Chinese or Chinese-owned companies are eligible for OSCCA certification to sell, produce and carry out R&D for encryption technology in China, as well as to gain product licensing. Foreign or foreign-owned companies, even if based in China, are excluded. In practice, this means that using foreign encryption products in public procurement is effectively prohibited in China. International firms are therefore excluded from government contracts for ‘information security products’ such as smart cards, firewalls and secure databases.

Decree No. 776 on Consumer Protection Law provides a comprehensive framework for consumer protection that also applies to online transactions. Art. 4 of the Consumer Protection Law provides a taxative list detailing the basic rights of the subjects benefited by the law. In addition, Arts. 21-A and 21-B refer to the obligations of suppliers in e-commerce.

El Salvador has not signed the United Nations (UN) Convention on the Use of Electronic Communications in International Contracts.

El Salvador has adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Commerce.

El Salvador has not adopted national legislation based on or influenced by the United Nations Commission on International Trade Law (UNCITRAL) Model Law on Electronic Signatures.

A basic legal framework on intermediary liability beyond copyright infringement is absent in El Salvador's law and jurisprudence.

It is reported that El Salvador imposes an identity requirement for SIM registration. Anyone wanting to purchase a SIM card has to provide their national ID card or a passport in case of foreigners to activate a new prepaid SIM card.