China launches tough cyber law despite concerns
BEIJING/SHANGHAI: China ushered in a tough new cyber security law yesterday, following years of fierce debate around the controversial legislation that many foreign business groups fear will hit their ability to operate in the country.
The law, passed by China’s rubber-stamp parliament in November, requires local and overseas firms to submit to security checks and store user data within the country.
China’s top cyber authority said on Wednesday it was not targeting foreign firms with the new law, after over 50 overseas companies and business groups lobbied against the legislation that includes stringent data storage and surveillance requirements.
“The purpose is to safeguard (China’s) national cyberspace sovereignty and national security ... rather than to restrict foreign enterprises,” the Cyberspace Administration of China (CAC) said in a statement on its website.
The law has sparked fierce push-back by firms and lobby groups who say vague wording of the regulations leaves foreign firms vulnerable to abstract interpretations of the rules.
Earlier this month Reuters reported the CAC met foreign business groups in a closed-door meeting to try to allay these fears, including an 18-month phase-in period for aspects of the regulations, according to attendees.
According to a revised draft of the rules, seen by Reuters, a phase-in period until the end of 2018 would relate to measures affecting cross-border data transfers, which has been one of the most contentious elements of the new law.
The CAC notice on Wednesday made no mention of a phase-in period. It added the law is not designed to hinder international trade or the flow of data across the Chinese border.