Why Global Technology Firms Need To Acclimatize Chinese Cyber Law

Global technology companies operated in China have faced a challenging task in the recent weeks. In order to strengthen the internet firewall, Chinese officials have blocked the use of private networks (VPNs). According to the new regulations, web users need to register their authentic names and a high-level scrutiny have been imposed on the imported IT products in the financial industry. Several trade groups have sought help from the US trade officials to curb this stringent Chinese cybersecurity law.

Undoubtedly it is a matter of deep concern for the US tech firms. But they need to understand that these policies are implemented by the Chinese government to ensure “cyber-sovereignty”. Chinese government want to ensure that the states have the right to regulate, monitor, supervise, and censor all electronic content transmitted within China. In spite of all these challenges, Chinese practice of this policies have opened up substantial new opportunities for global tech firms operating in this country.

Cyber-Sovereignty and Global Internet Governance

Chinese government have brought in this cyber-sovereignty or internet sovereignty policy because of the shocking revelations made by Edward Snowden about alleged US snooping into Chinese cyber networks for years, often through third-party technology.

Reacting to this treaty, China have centralized internet policy through two high-level committees:

  1. Central Leading Group for Cyberspace Affairs: Chaired by President Xi Jinping, the responsibility of this committee is to draft development plans, national strategies, and major policies.
  2. State Internet Information Office (SIIO): Led by Lu Wei, the primary duty of this committee is to promulgate the policies of Central Leading Group for Cyberspace Affairs to lower-ranking ministries.

After the administrative reshuffling, cyber-sovereignty has gained immense priority. In a speech delivered by President Jinping to Brazil’s National Congress, he emphasised that technologies must not be used to violate cyber-sovereignty. In the World Internet Congress hosted by China, in a welcoming letter to the invitees, Mr. Jinping expressed that his country is willing to work with other countries to build an Internet founded on “respect for cyber-sovereignty and the upholding of cyber-security”.

President Jinping’s conception of cyber-sovereignty can be categorized in two ways. First, an internal component where each government has the right to develop, regulate, and manage its domestic internet in line with its national independent autonomy. Second, an external component involving the right to defend its internet from foreign intrusion and attack.

During the World Internet Congress, the attendees have witnessed an incident after the summit was over. Along with the conference attendees, the representatives of the world’s leading technology companies, received a last-minute nine-point “draft declaration” placed under their hotel room doors at midnight, with comments due back by 8 am. The communiqué included a commitment to respect the internet sovereignty of all countries. But the attendees have refused to accept China’s last-minute gambit. The entire incident have been interpreted in a different way on the tabloids. China Daily claimed internet leaders agree on cyber-sovereignty, security. All the conference attendees had agreed at the closing ceremony to respect internet sovereignty. Whereas on The Wall Street Journal, it was reported that cyber-sovereignty was left unmentioned in the final speech of the Chinese president.

China is the country with a massive internet user base that makes it quite acceptable, it is insisting on a seat at the table of global internet governance. In fact we must welcome China’s desire to engage. But China’s conception of cyber-sovereignty is influenced by national boundaries and regulated by the government administration. National censorship is an acceptable part of “Cyber-sovereignty” of China. Whether it is a German ban on hate speech or a Chinese ban on any content “disrupting social stability,” they are all acceptable, valid and relevant.

Cyber-sovereignty seems to be the focal point of Chinese government and will become a central part of its international engagement for the coming years. It poses a greater challenge to the Western countries who has seen internet as a universal platform.

How Global Technologies see Cyber-Sovereignty?

Although, the concept of China’s cyber-sovereignty appears quite a challenge to the global technology firms operate in China, it also has a bright side. Central Leading Group for Cyberspace Affairs and the SIIO are trying to bring fundamental change to the previous patchwork online governance and bring regulations in a more coordinated manner.

Reports suggest that officials of the global technology firms appreciated furthering market openings. But they need to maintain two conditions-

  1. Imported investment or products must not pose a threat to China’s cybersecurity. There will be security checks on IT products delivered to Chinese banks.
  2. Global technology companies must adhere strictly to Chinese laws and regulations. They can not employ VPNs that weaken the the firewall.

Chinese Leadership could open up Domestic Market

In the newly-established Shanghai Free Trade Zone, government officials have taken away certain restrictions on internet. Amazon is perhaps the most high-profile foreign technology firm to set up operations there. The Shanghai Free Trade Zone is intended as a testing ground for national reforms, its relatively relaxed treatment of foreign investment in general, and e-Commerce in particular, suggests further national liberalization.

Chinese authority have taken certain steps to make the rules and regulations more flexible. They are trying to bring in reforms directed to encourage more foreign investment. Venture capital has been placed in the “encouraged industries” list in the newly drafted revisions.

China’s cyber-sovereignty push is an indicator that it is trying to liberalize its licensing of joint-venture Internet companies.

Chinese state media and officials are viewing overseas investment into China’s Internet market as inevitable. According to Lu Wei, China’s cyberspace supremo, as long as foreign firms respect the Chinese law, they can do business here without any hassle. Companies that do not obey Chinese regulation will be isolated and abandoned from doing business over here.

According to the Global Times, “US Internet giants such as Google will not stay away from the Chinese market forever. Firewall is a stopgap arrangement, whose function will diminish as Chinese cyberspace becomes more developed”.

Once China has perfected its legal framework for internet business ownership, it will open up wider scope to foreign tech firms. Officials in Beijing are well aware that big firms such as Amazon, LinkedIn, and Evernote can bring limitless benefits to the Chinese citizens. Following the Snowden revelations,it is quite expected that China to continue to exercise increased scrutiny over products from the world’s largest technology companies. But when they strictly adhere the Chinese laws, they can easily penetrate Chinese market. Even the small companies in the America can get highly benefited if they can follow China’s cyber-sovereignty principles and design content and services that adhere to Chinese law. Global technology firms need to understand the Chinese law and acclimatize with it.

Share with friends:

Assessing the Effect of China’s Cyber Security Law

Based on the Cybersecurity Law adopted on 2016, Chinese government has come up with a comprehensive Internet security/surveillance program. The surveillance program might create a whole host of challenges. Beijing can utilize the cybersecurity standards to pressure companies to undergo invasive product reviews where sensitive intellectual property (IP) and source code though not explicitly written but may be required as part of verification and testing.

According to Financial Times, when China’s Cyber Security Law took effect in June 2017, it addressed all aspects of cyber security from network systems and facilities to data localization and the protection of critical information infrastructure. Analysts and foreign companies have criticized it as extremely vague and exceptionally wide in scope.

The Cyber Security Law of the People’s Republic of China took effect on June 1st, 2017. Article 37 of the Cybersecurity Law requires personal information and important data collected by operators of critical information infrastructure (CII) to be stored within China’s border, while Article 41 states that network operators are required to gather and store personal information in accordance with the law, administrative regulations and their agreements with users.

Overseas firms have demanded for more clarity and more time to implement the controls that the government wants put in place, but so far China’s internet regulator, The Cyberspace Administration of China, has only relented on pushing back the date for laws relating to the cross-border flow of information. A company that is not registered in China but that conducts business in or provides products or services to China must also be deemed as conducting “operations within the territory of China” and is covered by these regulations.

The new foreign investment law encourages overseas companies to enter China, but rigid cyber surveillance regulations force them to not just partner with local companies but to sometimes share technology, a practice that critics say amounts to a forced transfer of crucial know-how to eventual competitors. For multinational corporations, the proposed rules mean they would now be liable for an additional level of government assessment for information on the likes of local employees and suppliers before sending it to a global database. Also, the rules would create much greater uncertainty for overseas operators which collect data for companies with cross-border business.

China, in other words, appears to be floating the first competitive alternative to the open internet—a model that it is steadily proliferating around the world. China views the internet as a threat to its domestic security that must be controlled within its borders whether because of its potential for domestic coalition-building or its ability to give populations access to censored information. Heavy content censorship, pervasive surveillance, and traffic throttling are all the part of this approach.

Foreign companies in China are being subjected to cyber-security probes as the government tightens controls over areas such as cloud computing, the Financial Times reported. Developments to the Multi-Level Protection Scheme (MLPS), which upholds the cyber law in China, are expected to intensify the monitoring of tech industries, including mobile internet, IoT manufacturing, cloud usage, data and security.

Share with friends: