China is gearing up to enforce its new cybersecurity law, but foreign companies don’t know much about it, which is causing headaches.
According to a report in The New York Times, the law, which was approved in 2016 and takes effect today (01 June 2017), is aimed at helping Beijing control the internet within the borders of the country. Officials in China have said the rules will help protect against cyberattacks and terrorism, but concerns abound, particularly from businesses.
The law will have a big impact on how business is done in China, Michael Chang, an executive with the Finnish technology company Nokia and the vice president of the European Union Chamber of Commerce in China told the New York Times the law will have a huge impact on how companies conduct business in China and said there is a lot of confusion from business owners.
Under the new rules, companies would have to keep their data within the country and would face security checks if they operate in industries, including finance and communications. Individual users have to register their real names in order to be able to use messaging services, noted the report.
“Companies need to be fully up to speed with [the law’s] requirements, especially network operators managing data,” says Han Lai, the China Country Manager for digital forensics and eDiscovery specialist KrolLDiscovery in Shanghai. “Up until now, its rules have not been clearly defined or regularly enforced, but this new law is looking to change that.”
“This will affect the majority of foreign companies that operate in China, in particular those which use their global infrastructure and IT resources to operate their business in China, as the original data collected, including business data and customer data within China will typically be stored directly in the data centres or servers physically located overseas,” says Lai.
Sources: CFO Innovation / Pymnts