China cyber-security law will keep citizens' data within the Great Firewall

Foreign firms may suddenly find doing business there difficult


China's new cyber-security laws, which come into effect on Thursday, may make it harder for foreign businesses to trade in the country.

Under the regulations, data on Chinese citizens – including personal information, salary details and more – can only be kept within China. The law would also prevent the transmission of any economic, scientific or technological data overseas on either national security or public interest grounds, as defined by the Chinese government.

The rules apply to any "network operator" – a term that encompasses social media companies and large internet firms – and mean that they need users' permission before transferring any data on them outside the country. The consequences for businesses that fail to comply with this new law are dire: a refused or revoked licence can never be reversed. This means if companies that fail to comply with the so-called Bei'an licence laws are liable to get blacklisted.

Bill Hagestad, a former US Marine Corps lieutenant colonel turned cyber conflict author and researcher, told El Reg that the new rules reflect heightened concern in Beijing about foreign influence mediated through the internet.

"The new Chinese internet security law is designed to protect the cyber borders of China against foreign negative influences," Hagestad said. "[It is] also designed to ensure the Communist Party ideals are not directly or indirectly challenged by impure thoughts.

"Given the release of the Shadow Brokers' NSA tools, the Chinese are now more certain than ever before that any foreign technology brought into the Middle Kingdom must be inspected and deemed pure/free from any vulnerabilities that could challenge China's internet security."

Alex Nam, EMEA managing director of content delivery network CDNetworks, warned that foreign internet companies will now find it harder to trade in China.

"The new cybersecurity law on 1 June will make it harder for non-Chinese businesses to trade in the country," Nam said. "All businesses that host websites and web content (such as applications) in China will be affected. Yet many don't know what impact the law has on them or whether their business is in jeopardy.

"Thousands of government officials, as well as intelligent algorithms, are currently investigating whether non-Chinese companies meet all of the requirements of the new legislation. The new law has a huge impact on network operators and critical information infrastructure operators because they host websites in China on behalf of other companies. As a result, checks are being carried out to determine whether hosting providers and content delivery network (CDN) providers have the necessary licences, and are being asked by government officials to make the necessary changes in the shortest possible time."

CDNetworks says it's seeing "uncertainty from companies as to whether they are affected by the legislation".

"Without support and guidance, UK businesses are putting themselves at risk," Nam added. "Especially the UK businesses operating in China, who are completely unaware that this new law even impacts them." ®

Broader topics


Other stories you might like

  • Robotics and 5G to spur growth of SoC industry – report
    Big OEMs hogging production and COVID causing supply issues

    The system-on-chip (SoC) side of the semiconductor industry is poised for growth between now and 2026, when it's predicted to be worth $6.85 billion, according to an analyst's report. 

    Chances are good that there's an SoC-powered device within arm's reach of you: the tiny integrated circuits contain everything needed for a basic computer, leading to their proliferation in mobile, IoT and smart devices. 

    The report predicting the growth comes from advisory biz Technavio, which looked at a long list of companies in the SoC market. Vendors it analyzed include Apple, Broadcom, Intel, Nvidia, TSMC, Toshiba, and more. The company predicts that much of the growth between now and 2026 will stem primarily from robotics and 5G. 

    Continue reading
  • Deepfake attacks can easily trick live facial recognition systems online
    Plus: Next PyTorch release will support Apple GPUs so devs can train neural networks on their own laptops

    In brief Miscreants can easily steal someone else's identity by tricking live facial recognition software using deepfakes, according to a new report.

    Sensity AI, a startup focused on tackling identity fraud, carried out a series of pretend attacks. Engineers scanned the image of someone from an ID card, and mapped their likeness onto another person's face. Sensity then tested whether they could breach live facial recognition systems by tricking them into believing the pretend attacker is a real user.

    So-called "liveness tests" try to authenticate identities in real-time, relying on images or video streams from cameras like face recognition used to unlock mobile phones, for example. Nine out of ten vendors failed Sensity's live deepfake attacks.

    Continue reading
  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading

Biting the hand that feeds IT © 1998–2022