Author: Mirren Gidda / Source: Newsweek
For years China has known that it has a cyber-security problem. On June 13, 2013, the U.S. whistleblower Edward Snowden gave an explosive interview to the South China Morning Post while he was in hiding in Hong Kong. The National Security Agency, Snowden said, had carried out 61,000 global hacking operations, including in Hong Kong and mainland China.
For U.S. tech companies operating in China, Snowden’s revelations were bad news. As suspicions mounted, Cisco, an IT and networking multinational company, saw its Chinese revenues fall by 18 percent compared to the last fiscal quarter. Beijing began pushing for firms to use domestic telecommunications equipment and began making plans to shore up China’s cybersecurity. Now this plan is a day from being realized.
On June 1, China’s first cyber-security law will come into effect. Wide-ranging and loosely worded, it is likely to make life much harder for foreign companies who do business in China. Under the new law, companies authorities deem “critical”—meaning they hold data sensitive enough to harm people if it was hacked—will have to store all their Chinese data in the country. These companies will not just include obvious targets like banks. Officials in Shanghai, the Financial Times reported, suggested that food delivery companies could even be included. Beijing will also review the data systems of these critical businesses to make sure they are secure.
Companies not considered critical will still have to develop data protection measures; store data relating to China or Chinese people on domestic servers; and get permission from the relevant authorities before moving large amounts of data abroad.
Click here to read more