China’s government is tightening its grip on the internet in the country after it released a new draft cybersecurity law this week.
The draft — an English version is available at Chinalawtranslate.com — was released for comments earlier this week — the feedback loop will close in August — but it went unreported by domestic media until Wednesday. There’s not much that it is actually new inside the proposed regulation, instead it formalizes a lot of powers that China has used in the past while granting wider decision making powers to the Cyberspace Administration of China, as the New York Times noted.
Some standouts from the draft include a clause that allows the government to mandate service providers shut off internet access in the event of “major social security incidents.” China has previously cut out and restricted internet access for months during times of tensions and rioting among ethnics minorities in the west of the country.
Data protection is another major topic, and the draft tasks internet companies with securing user data more securely and responding in a timely fashion in the event that it is compromised. One component of that is that companies — and that appears to include non-Chinese firms in the country too — must store user data on Chinese soil. That said, data can be stored overseas for business purposes if approved by the state.
There are also clauses to boost real-name regulations, a policy that China has progressively expanded over the past couple of years but has been laxly adopted by internet firms to date.
At this point, it isn’t clear how the proposed law will affect international companies that do business in China. The draft is suitably vague and likely to undergo changes before being formally adopted, but there’s already plenty of cause for concern.
“The foreign business community will be reading the law closely, trying to determine how the cybersecurity standards and procurement provisions will be implemented. The past few months will not give them great comfort, as Beijing has adopted a national security law and other provisions to make technology used in China ‘secure and controllable,’” wrote Adam Segal, senior fellow China with the Council on Foreign Relations in New York.
Comment