Posted by PTL Group
PTL Group
PTL Group has not set their biography yet
User is currently offline
on Wednesday, 23 November 2016
in Business in China

Cybersecurity Law in China

In July 2015 the National People’s Congress (NPC) proposed the first draft of a so called Cybersecurity Law. This year, on November 7th the law was submitted and takes effect in June 2017. Many global companies, especially those operating in the technology sector, are concerned about the passing of this law because they believe it will limit their operational powers within China. One reason, certain business operators say, is that with this law coming into force, the Chinese government would have greater powers to monitor and block any online content they perceive to be a threat. In addition to this, those concerned about the law are worried about the government, as well as various other parties, gaining more insight into foreign business’s data. The reason is that the new law requires companies to give the government investigators full access to their data if wrong-doing is suspected.

What exactly is the Cybersecurity Law and what effect could it have?

This law plans to impose a number of new regulations that dictate how network operators must operate within Chinese cyberspace. For instance the law requires that all citizens’ personal information and pertinent business data that is collected or created in China be stored domestically on Chinese servers. Moreover, if a company wants to transfer and provide their data, required for business overseas, a security evaluation must be conducted.

In addition, an interesting change is the definition of “critical information infrastructure”, which in the first draft specifically referred to a number of sectors, namely financial services, transportation, healthcare etc. However this has been omitted in the last draft, which now states that the State Council has the power to implement rules pertaining to the scope of the critical information infrastructure - but what exactly the critical information infrastructure is remains unclear. Moreover, the information collected by government authorities during the process of protecting the key information infrastructure may only be used for network security protection and the information must be anonymous,  meaning that a client’s information may not be passed on to third parties without their consent.

Another concern of network operators is that the law decrees that the State Council should "promote secure and reliable network products and services". What the National People’s Congress defines as “secure and reliable”, however, is not defined which some believe is misleading and discriminatory against foreign information communications technology communities.

In addition to the above, when the law is passed, network operators will be bound to comply with social morals and business ethics in addition to accepting supervision from the government and public.

Therefore, many argue, it would appear that the Chinese government is seeking greater control of the internet in China and, the law’s detractors say, are looking to favor domestic companies over multinational business partners. By being forced to relinquish classified business information, foreign companies fear that their intel is placed at risk and may be made privy to domestic competitors. 

Tags: Untagged

Comments

No comments made yet. Be the first to submit a comment

Leave your comment

Guest
Guest Friday, 28 July 2017