China’s top internet regulator released a cyberspace security strategy on Dec 27, 2016 advocating peace, security, openness, cooperation and order.
The government will guarantee cyberspace sovereignty and national security, protect information infrastructure and act against cyber terror and crimes, according to the 15-page strategy released by the Cyberspace Administration of China (CAC).
Rules and their imposition will be improved and international cooperation expanded.
China approved a new cybersecurity law despite the opposition of foreign technology companies and rights groups. The law is scheduled to take effect in June 2017.
The Standing Committee of the National People’s Congress, the top legislature in China passed the cybersecurity law on Monday. Under the law, internet operators are required to cooperate with investigations involving crime and national security. Their computers are required to undergo mandatory testing and certification. Companies suspected of wrong-doings are obliged to give government investigators full access to their data.
Companies are required to keep the data about Chinese citizens and businesses on domestic servers and are prohibited from transferring the data overseas without permission from the government.
Cyberspace is a new frontier as important as any other. “Cyberspace sovereignty is an important part of state sovereignty,” the strategy reads.
All countries should be respected in their internet development and management, playing equal parts in a cyberspace governance without hegemony or double standards.
China will use whatever means necessary — scientific, technological, legal, diplomatic or military — to ensure cyberspace sovereignty. No attempt to use the internet to undermine or overturn China’s national regime or sabotage sovereignty will be tolerated.
China is home to the world’s largest online population. About 700 million people in China use the internet to study, make purchases, work and access public services.
In this context, protecting critical information infrastructure and important data is crucial. Products, services and companies used by government institutions will be subject to security checks and vetting.
Service producers and other organizations will not be allowed to take advantage of privileged information or technology to compete unfairly or harm users’ interests.
“This does not mean that we will refuse foreign products or services,” said Zhao Zeliang, director of the CAC cybersecurity coordination bureau.
“Our requirements of security and controllability are not meant to raise barriers to foreign enterprises,” he told a news conference at the release of the strategy.
“The market will be open and transparent.”
China will participate in dialogues and exchanges in cybersecurity; help establish international norms and anti-terror pacts; and improve judicial collaboration. International cooperation will be enshrined in policy, law, technology, standards, emergency response and security infrastructure.
Every assistance will be extended to developing countries as they build information infrastructure.
Lu Jianwen, in charge of cybersecurity at the Ministry of Industry and Information Technology, said priority will be given to building Africa’s information highway and cooperation in communication technology.
China will be pleased to provide training in developing countries, he said.
China is an internet power
The Chinese government explained that the cybersecurity law is necessary to prevent national security threats such as hacking and terrorism. China became aggressive in protecting its IT systems since Edward Snowden’s exposés about the Unites States’ spying.
Yang Heqing, an official of the standing committee of the National People’s Congress, said, “China is an internet power, and as one of the countries that face the greatest internet security risks, urgently needs to establish and perfect network security legal systems.”
Zhao Zeliang, director general of the bureau of cyber security for the Cyberspace Administration of China, explained, “The law fits international trade protocol and its purpose is to safeguard national security. China’s cybersecurity requirements are not being used as a trade barrier.”
Ma Minhu, director of the Information Security Laws Research Center of Xi’an Jiaotong University, believes that the new law is designed to “protect China’s cybersecurity and will not damage the interests and the normal operations of foreign companies.
Last year, Chinese President Xi Jinping pointed out that countries have the right to regulate their internet during the World Internet Conference in Zhejiang province. He also asked countries to respect each others’ “cyber sovereignty” and proposed a global governance system “to curb the abuse of information technology, oppose network surveillance and hacking and fight against a cyberspace arms race.”
China’s cybersecurity law threatens foreign tech companies
Critics abroad are concerned that China’s new cybersecurity law threatens the operations of foreign technology companies. They also argued that the law includes contentious provisions including the requirements for security reviews and data storage on private servers.
In August, more than 40 global business groups filed a petition encouraging Chine Premier Li Keqiang to amend the controversial provisions of the law.
According to James Zimmerman, the chairman of the American Chamber of Commerce in China, said the controversial provisions are “vague, ambiguous, and subject to broad interpretation by regulatory authorities.”
On the other hand, rights advocates argued the new cybersecurity is intended to strengthen China’s internet restrictions. They noted that the country’s online censorship known as the Great Firewall is the most sophisticated worldwide.
In a statement, Sophie Richardson. Director of Human Rights Watch in China, commented, “Despite widespread international concern from corporations and rights advocates for more than a year, Chinese authorities pressed ahead with this restrictive law without making meaningful changes.”