Vmenkov
The new law on cyber security was approved today at session of the Standing Committee of National People's Congress. Although the law, according to the Chinese authorities, is aimed at strengthening national security in the face of threats such as hacker attacks and terrorism, its adoption is a major concern, especially outside the country.
One of requirements has alarmed human rights activists and business representatives. This is mandatory testing and certification of computer equipment of technology companies. Foreign companies operating in China fear that the law may compel them to disclose source code, encryption algorithms and other important information to the authorities. In addition, all data on Chinese companies and citizens, gathered in China, has now to be stored on internal servers, and transferred out of the country only with permission of the authorities.
All this may cause a negative impact on international business in China, and will provide a significant advantage to Chinese companies and manufacturers, although the Chinese authorities deny this. General Director of Cyber Security Bureau of China’s Office for Cyberspace Management says this law conforms to rules of international trade. Its main purpose is protection of national security. He is sure that "the law’s requirements are not a trade barrier." "Should we only speak about security and reliability, our friends, especially foreign ones, are beginning to resent. They think that it is synonymous with trade barriers. But it's just a misunderstanding, preconception," - he noted.
Under the new law, providers must ensure that users are registered under their real names. Those companies that allow spreading of unverified or disapproved information will be subject to penalties. The law also regulates cyber security training, and requires agencies and companies to strengthen security measures aimed at network break-ins. The new rules give the government wide powers to prosecute and punish those individuals or organizations that are breaking into the network of important infrastructure facilities (water, energy, transport and so on). In addition, the Chinese government now may "restrict access to the Internet in some regions" in order to protect national security and public order.
Meanwhile, observers acknowledge, wording of the law is smooth enough, and it does not contain specific measures to curb illegal activities. Chairman of the American Chamber of Commerce in China, James Zimmerman stated in an interview with Reuters that provisions of the new law are "vague, ambiguous and can be interpreted freely by regulators."
source: reuters.com
One of requirements has alarmed human rights activists and business representatives. This is mandatory testing and certification of computer equipment of technology companies. Foreign companies operating in China fear that the law may compel them to disclose source code, encryption algorithms and other important information to the authorities. In addition, all data on Chinese companies and citizens, gathered in China, has now to be stored on internal servers, and transferred out of the country only with permission of the authorities.
All this may cause a negative impact on international business in China, and will provide a significant advantage to Chinese companies and manufacturers, although the Chinese authorities deny this. General Director of Cyber Security Bureau of China’s Office for Cyberspace Management says this law conforms to rules of international trade. Its main purpose is protection of national security. He is sure that "the law’s requirements are not a trade barrier." "Should we only speak about security and reliability, our friends, especially foreign ones, are beginning to resent. They think that it is synonymous with trade barriers. But it's just a misunderstanding, preconception," - he noted.
Under the new law, providers must ensure that users are registered under their real names. Those companies that allow spreading of unverified or disapproved information will be subject to penalties. The law also regulates cyber security training, and requires agencies and companies to strengthen security measures aimed at network break-ins. The new rules give the government wide powers to prosecute and punish those individuals or organizations that are breaking into the network of important infrastructure facilities (water, energy, transport and so on). In addition, the Chinese government now may "restrict access to the Internet in some regions" in order to protect national security and public order.
Meanwhile, observers acknowledge, wording of the law is smooth enough, and it does not contain specific measures to curb illegal activities. Chairman of the American Chamber of Commerce in China, James Zimmerman stated in an interview with Reuters that provisions of the new law are "vague, ambiguous and can be interpreted freely by regulators."
source: reuters.com