China adopted a controversial cybersecurity law on Monday to counter what Beijing says are growing threats such as hacking and terrorism, although the law has triggered concern from foreign business and rights groups. The legislation, passed by China’s largely rubber-stamp parliament and set to come into effect in June 2017, is an “objective need” of China as a major internet power, a parliament official said.
Overseas critics of the law argue it threatens to shut foreign technology companies out of various sectors deemed “critical”, and includes contentious requirements for security reviews and for data to be stored on servers located in China. Rights advocates also say the law will enhance restrictions on China’s internet, already subject to the world’s most sophisticated online censorship mechanism, known outside the country as the Great Firewall.
Yang Heqing, an official on the National People’s Congress standing committee, said the internet was already deeply linked to China’s national security and development. “China is an internet power, and as one of the countries that faces the greatest internet security risks, urgently needs to establish and perfect network security legal systems,” Yang told reporters at the close of a bimonthly legislative meeting.
More than 40 global business groups petitioned Chinese Premier Li Keqiang in August, urging Beijing to amend controversial sections of the law. Chinese officials have said it would not interfere with foreign business interests. Contentious provisions remained in the final draft of the law issued by the parliament, including requirements for “critical information infrastructure operators” to store personal information and important business data in China, provide unspecified “technical support” to security agencies, and pass national security reviews.
Those demands have raised concern within companies that fear they would have to hand over intellectual property or open backdoors within products in order to operate in China’s market.
“Vague, Ambitious”
James Zimmerman, chairman of the American Chamber of Commerce in China, called the provisions “vague, ambiguous, and subject to broad interpretation by regulatory authorities”. Human Rights Watch said elements of the law, such as criminalising the use of the internet to “damage national unity”, would further restrict online freedom.
“Despite widespread international concern from corporations and rights advocates for more than a year, Chinese authorities pressed ahead with this restrictive law without making meaningful changes,” Sophie Richardson, China Director at Human Rights Watch, said in an emailed statement. Zhao Zeliang, director of the Cyberspace Administration of China’s cyber security coordination bureau, told reporters that every article in the law accorded with rules of international trade and that China would not close the door on foreign companies.
“They believe that [phrases such as] secure and independent control, secure and reliable, that these are signs of trade protectionism. That they are synonymous. This is a kind of misunderstanding, a kind of prejudice,” Zhao said. Many of the provisions had been previously applied in practice, but their formal codification coincides with China’s adoption of a series of other regulations on national security and foreign civil society groups.
The law’s adoption comes amid a broad crackdown by President Xi Jinping on civil society, including rights lawyers and the media, which critics say is meant to quash dissent. Last year, Beijing adopted a sweeping national security law that aimed to make all key network infrastructure and information systems “secure and controllable”.
“China’s government has come to recognise that cyberspace immediately and profoundly impacts on many if not all aspects of national security,” said Rogier Creemers, a researcher in the law and governance of China at Leiden University in the Netherlands. “It is a national space, it is a space for military action, for important economic action, for criminal action and for espionage,” he said.
Reuters