Page 110 - 2018 White Paper on the Business Environment in China
P. 110
8 White Paper on the Business Environment in China
Shen Yi, Deputy Director of the Cyberspace needs require them to provide the data and information
Governance Study Center at Fudan University wrote in for overseas use, a security evaluation must be carried
China Daily that misinterpreting certain provisions of out, the statement added. The provisions target those
the law as “hampering trade” or compromising China’s operating key information infrastructure, personal
commitments to the World Trade Organization and information and data that are vital to the country. The
sensationalizing the issue was not only unnecessary CAC claimed personal information is allowed to flow
but also could be misleading. According to Shen, abroad with the approval of individuals concerned and
Western multinational enterprises were overreacting to data is allowed to flow abroad after clearing security
“China’s lawful and justified enforcement of regulations” reviews. “Such provisions do not prohibit cross-border
because they were taking for granted the “super-national data flow, nor restrict international trade,” said the CAC,
treatment” offered by most developing countries and the saying cross-border data flow has been a prerequisite for
policy support by their home countries. Cybersecurity is economic globalization and the Belt and Road Initiative.
a precondition for national security. President Xi Jinping The CAC warned against infringement of its cyber
has emphasized the need to strike a balance between sovereignty under the pretext of providing free flow of
secure cyberspace and digital development, and ruled information. Preventing illegal information from entering
out the possibility of “shutting the door” to the Internet China does not contradict supporting the free flow of
for security concerns. The provision requiring key information, it said. “In the real world, all enterprises or
information on infrastructure operators’ data should be individuals are required to observe laws of the countries
especially protected as it is closely linked with national they enter, and there should be no exception made
security. Security reviews are necessary to ensure the data in cyberspace,” according to the statement. The CAC
system does not compromise China’s national security. reiterated that authorities aim to prohibit the spread
The ban on the misuse of users’ personal data is in line of illegal information rather than impeding free speech
with international practice. According to Shen, China (Xinhua, China Focus).
aspires to become a digitally advanced country, a great
opportunity for overseas Internet operators and service Washington and Beijing have reassured each other
providers, especially those in the possession of desired that they would not conduct or support “cyber-enabled
technologies or businesses (Shen). theft of intellectual property”. Indeed, the two countries
want to ramp up cybersecurity cooperation, including
“It does not restrict foreign companies or their combating hacking crimes and Internet fraud. Officials
technology and products from entering the Chinese attending the First US-China Law Enforcement and
market, nor does it limit the orderly, free flow of data,” Cybersecurity Dialogue, held in Washington June 2017,
a June 2017 Cyberspace Administration of China pledged to implement the entire consensus on China-US
(CAC) statement claimed. “China is entitled to make cybersecurity cooperation reached in 2015 by Chinese
laws and rules to regulate its cyberspace sovereignty President Xi Jinping with then US president Barack
following international practice.” According to the CAC, Obama. Both the US and China have been seriously
the security reviews for Internet products and services affected by cyber hazards. US federal agencies have
focus on whether the products or services are secure claimed that some of the hackings in America originated
and sufficiently managed, and on assessing the risk in China, but Beijing has denied these allegations. The US
of illegal control, disruption or interruption. They also was at the top of the list for both the number of breaches
evaluate the risk of providers using their products or by country and the number of identities stolen by
services to illegally gather, store, process or make use country. China ranked sixth in terms of stolen identities,
of user information, it added. “The security reviews will according to a 2017 Internet Security Threat Report
not target any particular country or region. They will not by Symantec. The two sides also agreed that “neither
discriminate against foreign technology or products, nor country’s government will conduct or knowingly support
limit their access to the Chinese market,” said the CAC. cyber-enabled theft of intellectual property, including
“On the contrary, they will boost consumer confidence trade secrets or other confidential business information,
in such products and services, and expand their markets.” with the intent of providing competitive advantages to
According to the law, operators of key information companies or commercial sectors” (Han).
infrastructure, including public communications and
information services, energy and finance, are required to One of the reasons the cyber security dialogue was
locally store personal information and vital data collected initiated was the hacking attacks on US companies and
and produced by their services in China. If business government agencies, which, despite Beijing’s consistent
110
Shen Yi, Deputy Director of the Cyberspace needs require them to provide the data and information
Governance Study Center at Fudan University wrote in for overseas use, a security evaluation must be carried
China Daily that misinterpreting certain provisions of out, the statement added. The provisions target those
the law as “hampering trade” or compromising China’s operating key information infrastructure, personal
commitments to the World Trade Organization and information and data that are vital to the country. The
sensationalizing the issue was not only unnecessary CAC claimed personal information is allowed to flow
but also could be misleading. According to Shen, abroad with the approval of individuals concerned and
Western multinational enterprises were overreacting to data is allowed to flow abroad after clearing security
“China’s lawful and justified enforcement of regulations” reviews. “Such provisions do not prohibit cross-border
because they were taking for granted the “super-national data flow, nor restrict international trade,” said the CAC,
treatment” offered by most developing countries and the saying cross-border data flow has been a prerequisite for
policy support by their home countries. Cybersecurity is economic globalization and the Belt and Road Initiative.
a precondition for national security. President Xi Jinping The CAC warned against infringement of its cyber
has emphasized the need to strike a balance between sovereignty under the pretext of providing free flow of
secure cyberspace and digital development, and ruled information. Preventing illegal information from entering
out the possibility of “shutting the door” to the Internet China does not contradict supporting the free flow of
for security concerns. The provision requiring key information, it said. “In the real world, all enterprises or
information on infrastructure operators’ data should be individuals are required to observe laws of the countries
especially protected as it is closely linked with national they enter, and there should be no exception made
security. Security reviews are necessary to ensure the data in cyberspace,” according to the statement. The CAC
system does not compromise China’s national security. reiterated that authorities aim to prohibit the spread
The ban on the misuse of users’ personal data is in line of illegal information rather than impeding free speech
with international practice. According to Shen, China (Xinhua, China Focus).
aspires to become a digitally advanced country, a great
opportunity for overseas Internet operators and service Washington and Beijing have reassured each other
providers, especially those in the possession of desired that they would not conduct or support “cyber-enabled
technologies or businesses (Shen). theft of intellectual property”. Indeed, the two countries
want to ramp up cybersecurity cooperation, including
“It does not restrict foreign companies or their combating hacking crimes and Internet fraud. Officials
technology and products from entering the Chinese attending the First US-China Law Enforcement and
market, nor does it limit the orderly, free flow of data,” Cybersecurity Dialogue, held in Washington June 2017,
a June 2017 Cyberspace Administration of China pledged to implement the entire consensus on China-US
(CAC) statement claimed. “China is entitled to make cybersecurity cooperation reached in 2015 by Chinese
laws and rules to regulate its cyberspace sovereignty President Xi Jinping with then US president Barack
following international practice.” According to the CAC, Obama. Both the US and China have been seriously
the security reviews for Internet products and services affected by cyber hazards. US federal agencies have
focus on whether the products or services are secure claimed that some of the hackings in America originated
and sufficiently managed, and on assessing the risk in China, but Beijing has denied these allegations. The US
of illegal control, disruption or interruption. They also was at the top of the list for both the number of breaches
evaluate the risk of providers using their products or by country and the number of identities stolen by
services to illegally gather, store, process or make use country. China ranked sixth in terms of stolen identities,
of user information, it added. “The security reviews will according to a 2017 Internet Security Threat Report
not target any particular country or region. They will not by Symantec. The two sides also agreed that “neither
discriminate against foreign technology or products, nor country’s government will conduct or knowingly support
limit their access to the Chinese market,” said the CAC. cyber-enabled theft of intellectual property, including
“On the contrary, they will boost consumer confidence trade secrets or other confidential business information,
in such products and services, and expand their markets.” with the intent of providing competitive advantages to
According to the law, operators of key information companies or commercial sectors” (Han).
infrastructure, including public communications and
information services, energy and finance, are required to One of the reasons the cyber security dialogue was
locally store personal information and vital data collected initiated was the hacking attacks on US companies and
and produced by their services in China. If business government agencies, which, despite Beijing’s consistent
110
