Policy and Politics: the Impact of China's New Cybersecurity Law
Join us on this teleconference call to learn about China's developing domestic cyber governance system. The event will cover how the government of China seeks to regulate the cyber-sphere to protect citizens and critical infrastructure.
Refresh your browser window if stream does not start automatically.
Almost all digitally-developed countries agree on the importance of cybersecurity regulations and the need for proper measures to protect citizens and critical infrastructure. China, with over 700 million Internet users, has taken dramatic steps to establish a set of laws, regulations, and standards to begin the construction of a domestic cyber governance system, with the government being firmly in control.
How is China seeking to balance the growth and importance of the Internet with cybersecurity threats and concerns? How will cross-border data transfers be impacted by China’s draft regulations? How will this steer the conversation on international standards? In this Ground Truth Briefing, we consider the current direction of China’s cybersecurity strategy and the implications of China’s much-anticipated cybersecurity law, which came into effect on June 1.
Jing de Jong-Chen:
“I have been working with international cybersecurity policy issues with various government[s] and I have never seen a country that took such [an] aggressive approach to really begin… rapid development of its legislation and policies in a very short amount of time.”
“China will take, for example, national security as an anchor and then build around [it]. To support its objectives, you have counterespionage law, intelligence law, cybersecurity law, [and] counterterrorism law…”
“[The new cybersecurity] law actually included not only the general cybersecurity objectives; it also included the data residency requirements, personal data-protection, cross-border data-transfers, and censorship. And this is not only for government notice and take-downs, but [it is] also self-censorship required by the service providers.”
“There is a very strong component about secure and controllable measures and… supply chain risk-management… You will probably hear [it] through industry feedback, which is causing a lot of concerns, because it’s directly related to procurement.”
“China has a structured system for standards-development… The national and industrial standards are developed under careful government supervision. The process is really government-driven, and that contrasts with the system we’re familiar with in the United States, where standard-setting is largely industry-driven.”
“In laws, regulations, and even standards in China, many of the requirements are vague or unclear. Statements of authority tend to be clear, and the description of penalties for lack of compliance can be clear, but the specific technical requirements may be unclear.”
“Standards in China are often used as a tool to implement policies at a detailed, technical level… It’s helpful to look at the hierarchy of laws, regulations, and standards, because it can give you a better understanding of how a standard might be used or what its purpose is.”
Jing de Jong-Chen
Board Advisor, Science and Technology Innovation Program, Wilson Center Former Partner and General Manager, Global Security Strategy and Diplomacy Group in the Corporate, External and Legal Affairs Division at Microsoft Corp
Digital Futures Project
Less and less of life, war and business takes place offline. More and more, policy is transacted in a space poorly understood by traditional legal and political authorities. The Digital Futures Project is a map to constraints and opportunities generated by the innovations around the corner - a resource for policymakers navigating a world they didn’t build. Read more