China Drafts New Law To Safeguard Its Cyberspace Sovereignty

China Drafts New Law

State media in China today revealed that its parliament has published a draft law that will “safeguard national cyberspace sovereignty,” as well as “security and development.” It is widely agreed that once accepted, the new law will consolidate government control over digital data and consequently have significant consequences for international and multinational companies doing business in China, as well as Internet service providers operating within the country.

According to an article released by Reuters this morning, the European Union Chamber of Commerce in China is “worried” about the development, in spite of the fact that the law has been a subject of discussion and debate for months. The main concern is, says Chamber president, Joerg Wuttke, that the language used in the draft legislation is so vague it isn’t clear how the law will be enforced.

Reuters also states that the East Asia director of Amnesty International, Nicholas Bequelin believes the law will “institutionalize censorship practices” that have never been previously formulated in an explicit manner. For instance, it will give the Government legal power to instantly cut Internet access in the event of “sudden” incidents if authorities felt order needed to be maintained. This is exactly what it did for ten months after about 200 people died in Urumqi in ethic riots during 2009.

It is understood that the draft law will be far-reaching, and will not only improve privacy protection from cyber attack and hackers, but will also increase the power of the government to secure records and prevent publication and distribution of information that is seen as illegal in Chinese law. This will effectively enable the authorities to regulation information flow to the people.

The draft legislation, dated Monday July 6, 2015, aims, amongst other things, to ensure that anyone using messaging apps via the Internet in China must use real names. It states that all network equipment must be approved according to government testing standards, and all data collected by Internet Service Providers within China must be stored on Chinese territory. It also states that data stored in other countries for business purposes must be approved by the Chinese government. This will undoubtedly affect moves by Chinese e-commerce companies like Aliyun to expand their cloud services out of China.

According to a report in the South China Morning Post today, the Chinese government has identified cybersecurity as “a particularly irksome” element when it comes to certain economic partners, including the US that is opposed to many proposed rules as unfair to Silicon Valley companies.

The Chinese parliament has said government agencies will provide guidelines that will help network security, particularly for those “critical industries” like energy, finance, transport and telecoms, as well as national military and defense, and government administration. It has also announced that it will accept feedback on the draft legislation until August 5, 2015.

Earlier this month, on July 1, China’s parliament passed another sweeping national security law that has tightened control by government through the broad spectrum of life as it relates to culture, politics, the economy, the environment, technology, and the military. Essentially this law aims to ensure that all key information and infrastructure systems are both controllable and secure. The new draft legislation is the next step.

By Penny Swift

Tom Fanelli

Episode 9: Taking a Deep Dive into WordPress for Small and Medium Business

Deep Diving Into WordPress WordPress. For a lot of people this name might initially conjure up a place for amateur bloggers, almost a hobbyist site. But nothing could be further from the truth. As an ...
Jen Klostermann

Enterprises Starting To Embrace Blockchain-as-a-Service (BaaS)

Blockchain as a Service (BaaS) Many global companies have already implemented Blockchain-as-a-Service (BaaS) into their cloud offerings. There isn't any question that offering BaaS can serve as a differentiator for many companies. Not to mention, ...
Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

Episode 4: The Power of Regulatory Compliant Cloud: A European Case Study

An interview with Johan Christenson, CEO of CityNetwork With the world focusing on the big three hyperscalers, there is still room – and much necessity for – more local cloud providers who are better suited ...
Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...
Kokumai

Identity Assurance – Sufficient and Necessary Conditions

Identity Assurance It is not easy to define the 'sufficient condition' for describing a set of processes used to establish that a natural person is real, unique, and identifiable; criminals keep coming up with hitherto ...
Juan Pablo Perez Etchegoyen

7 Security and Compliance Considerations for Cloud-Based Business Applications  

Security and Compliance Considerations There’s no doubt on-premises deployments of mission-critical business applications provide more control over data as it resides within the four walls of an organization’s network infrastructure. However, businesses can no longer ...