
The Chinese government's Cybersecurity Law, enacted in 2016, has been criticized by human rights groups and global businesses for providing the government with broad powers to monitor and regulate Internet services. The law, which is part of a series of laws aimed at strengthening national security, has been used to suppress dissent and restrict freedom of expression. Chinese dissidents face the challenge of navigating this legal landscape while also dealing with the government's use of hackers and private companies to target critics and dissidents. With ambiguous definitions of critical information infrastructure and network operators, the scope of the law's authority over internet companies remains unclear. To deal with the cybersecurity law, Chinese dissidents must be aware of their rights, utilize secure websites, and continue to defend democracy and freedom of speech.
| Characteristics | Values |
|---|---|
| Aim | To increase data protection, data localization, and cybersecurity in the interest of national security |
| Applicability | Network operators and businesses in critical sectors, including telecommunications, information services, energy transport, water, financial services, public services, and electronic government services |
| Requirements for Internet Companies | Provide technical support and assistance to public security organs, assist in investigating crimes and protecting national security, implement systems for cybersecurity monitoring, early warning, and notification |
| Identity Verification | Companies must verify an individual's real identity before providing internet services |
| Restrictions on Free Expression | Measures to restrict the use of "obscure expressions" online, targeting slang used to circumvent censorship |
| Surveillance and Censorship | Government continues to focus on "stability", resulting in increased restrictions on human rights, including surveillance and censorship of citizens living abroad |
| Legal Liability | Sets punishments for different types of illegal conduct, including fines, suspension, revocation of permits and business licenses |
| Data Security and Management | MIIT has launched trials for data security and management in the industry |
| Compliance and Monitoring | Rapid growth of market opportunities for the Chinese cybersecurity industry due to increasing compliance, auditing, and monitoring requirements |
Explore related products
What You'll Learn

Using secure websites to share sensitive information
The Chinese government's conception of cybersecurity is embedded within the country's political, economic, and technological context, differing from the Western world's preoccupation with hacking and unauthorized network intrusion. China's Cybersecurity Law aims to increase data protection, data localization, and cybersecurity for national security.
To share sensitive information securely, it is important to use official and secure websites. Look for HTTPS in the address bar, which ensures a secure connection. Additionally, consider using password-protected disk images or zip archives for added security. When choosing a password, ensure it is strong and unique, containing a mix of uppercase letters, lowercase letters, symbols, and numbers.
For messaging, iMessage, Signal, and WhatsApp are secure options, but they require both sender and recipient to use the same platform. For sharing sensitive documents, services like DocuSign provide a secure portal, commonly used by professionals who regularly receive sensitive information.
It is also important to be cautious when using email, as it may not offer end-to-end encryption. Consider requiring recipients to opt into a security system like PGP to enhance email security. Finally, be vigilant against unsolicited emails, links, and requests for quick responses, as these can be phishing attempts.
Public Voting on Federal Laws: Democracy's Future?
You may want to see also
Explore related products
$23.74 $39.99

Understanding China's definition of cybersecurity
China's definition of cybersecurity has evolved in recent years, with the country investing heavily in cybersecurity education, training, and industrial policy. This evolution has been influenced by the country's distinctive political, economic, and technological context, as well as its engagement with digital technology.
China's Cybersecurity Law, enacted in 2016 and implemented in 2017, is part of a wider series of laws aimed at strengthening national security. The law focuses on increasing data protection, data localisation, and cybersecurity. It applies to network operators and businesses in critical sectors, including telecommunications, information services, energy transport, water, financial services, public services, and electronic government services.
Some of the most controversial sections of the law include Article 28, which requires network operators to provide technical support and assistance to public security organs and hand over information when requested. Article 35 targets purchases of foreign software or hardware by government agencies or critical information infrastructure operators, requiring them to undergo a national security review.
China's definition of cybersecurity is shaped by its political system, which demands a monopoly on political power for the Chinese Communist Party (CCP) and a governance model that enables the Party leadership to maintain order. The primary perceived threat to this system is subversion by domestic or foreign hostile powers, making regime integrity and stability dominant factors in China's cybersecurity vision.
China's approach to cybersecurity also reflects its near-total absence from the emergence and popularisation of initial digital technologies and the international frameworks governing them. This has contributed to concerns about the proliferation of online harmful information, cyber attacks, malware, and the loss or disclosure of confidential information. As a result, security in the digital realm is defined as a full-spectrum concern, including defence against ordinary criminal activities, dissidents, and adversarial state actors.
Graphene's Promise: Saving Moore's Law and the Future of Computing
You may want to see also
Explore related products
$51.12 $59.95

The impact of the law on foreign companies
The impact of the Cybersecurity Law on foreign companies operating in China has been significant, presenting both challenges and opportunities. The law, enacted by the National People's Congress, aims to enhance data protection, data localization, and cybersecurity in the interest of national security. While the Chinese government views this law as necessary to strengthen national security legislation, foreign companies have faced several challenges due to the stringent measures imposed by the law.
One of the main challenges for foreign companies is the requirement to comply with invasive security audits. The law mandates that companies selling hardware and software solutions to critical infrastructure operators must undergo state-administered cybersecurity reviews. These reviews may include invasive security audits that require the submission of intellectual property (IP) and source code, creating concerns about the protection of sensitive business information.
Additionally, foreign companies have to bear the compliance costs associated with redesigning their products for the Chinese market. The National Information Security Standardization Technical Committee (TC260) has issued nearly 300 standards related to cybersecurity, covering various products such as software, routers, switches, and firewalls. Foreign companies must navigate these complex and evolving standards to ensure their products comply with the Chinese market requirements, which can be a costly and time-consuming process.
The Cybersecurity Law also has implications for data transmission and encryption. It establishes rules for the transnational transmission of data from critical information infrastructures, and companies are required to use state-approved encryption technologies. This can create challenges for foreign companies that rely on global data flows and may restrict their ability to use their preferred encryption methods.
Furthermore, the law's broad definition of "network operators" has caused uncertainty among foreign technology companies. Under Article 28, network operators, which can include social media platforms, application creators, and technology companies, are compelled to cooperate with public security organs and provide technical support during investigations. This vague definition leaves foreign companies unsure about their obligations and potential liabilities under the law.
While the Cybersecurity Law presents challenges, it also offers opportunities for foreign companies that can adapt to the new regulatory environment. Participating in TC260, for example, may help foreign businesses gain political support from the Chinese government, although their presence could become symbolic. Overall, foreign companies need to stay abreast of the evolving cybersecurity standards and regulations in China to successfully navigate the market while managing the associated costs and complexities.
Enforcing Laws: State-Maintained Roadways and Officer Jurisdiction
You may want to see also
Explore related products
$29

The law's effect on freedom of expression
China's Cybersecurity Law (CSL) has been criticised for its negative impact on freedom of expression in the country. The law, which came into effect on 1 June, gives the country's Cybersecurity Administration (CAC) the authority to investigate, censor, and punish service providers in China, and grants it broad rulemaking powers.
The CAC's aggressive approach has been described as having a "chilling effect" on freedom of expression. For instance, the new rules allow the government to de-anonymise, identify, and punish users who post political content online. This has already been put into practice, with police in the Guangdong province detaining an individual for moderating several political chat groups on Tencent's WeChat platform.
The CSL has also led to an increase in censorship activity. According to the CAC, 3.7 million incidents of illegal content were reported in June, a 40% increase from the previous year. Over 40% of this content was deemed to be political speech. The CAC has also announced investigations into Tencent, Sina, and Baidu for allegedly failing to regulate users who post illegal content under the CSL.
The law's broad language has been criticised for giving the government excessive control over the internet and online freedoms. China has advocated for a decentralised internet infrastructure, which critics argue could lead to a more centralised and controlled version of the internet, giving states more power over online content. This stance has been reflected in the country's foreign policy ambitions, such as the Digital Silk Road initiative, which has been criticised for exporting a model of cyber sovereignty that restricts online freedoms and is incompatible with international human rights law.
Additionally, the CSL has been used to prevent the use of virtual private networks (VPNs), which previously allowed users to bypass censorship and access blocked websites. While some foreign VPNs have found ways to circumvent detection, the ban on VPNs has further limited the ability of Chinese netizens to freely express themselves online.
The impact of the CSL on freedom of expression extends beyond China's borders. China has been accused of leveraging its networks in minilateral forums to promote its vision of "cyber sovereignty", which includes tight control of internet gateways and robust restriction of online freedoms. China's increasing influence in international standard-setting for emerging technologies has raised concerns about the potential fragmentation of the internet and the increase in cybersecurity threats, further reducing legal certainty and predictability in cyberspace.
Casino Operations: Navigating the Impact of Changing Laws
You may want to see also
Explore related products
$59.99 $99.99
$69.99 $84.99

The role of the Chinese Communist Party (CCP)
The Chinese Communist Party's (CCP) role in the country's cybersecurity landscape is complex and multifaceted. The CCP has been actively involved in shaping China's approach to cybersecurity through various means, including policy formulation, regulatory measures, and institutional mechanisms. Here are some key aspects of the CCP's role in cybersecurity:
- Data Control and Collection: The CCP has sought to exert control over data, considering it a crucial aspect of its quest for digital and technological dominance globally. The "Made in China 2025" plan, initiated by President Xi Jinping, emphasized the control of data as a key component of the nation's ambitions. The CCP leverages laws that grant it authority to collect data from Chinese companies, including popular apps like TikTok, Shein, and Temu, which are widely used internationally. This data collection enables the CCP to gain foreign intelligence and inform its influence efforts.
- Cybersecurity Laws and Regulations: The CCP has played a significant role in enacting and implementing comprehensive cybersecurity laws and regulations. The Cybersecurity Law of the People's Republic of China, passed by the National People's Congress, aimed to enhance data protection, data localization, and cybersecurity in the name of national security. The CCP has also incorporated existing laws on VPN, data security, and national intelligence into the cybersecurity law, reinforcing its control and emphasizing compliance from foreign companies operating in China.
- Cyber Governance Institutions: The CCP has established and influenced various cyber governance institutions to align government, industry, and academic stakeholders around its cyber-governance objectives. One notable example is the CyberSecurity Association of China (CSAC), which was created to shape the present and future of Chinese cybersecurity policy and engagement with international stakeholders. The CSAC's membership includes influential entities such as Alibaba, Chinese network security companies, and prominent scientific universities.
- International Cyber Diplomacy: With the formation of institutions like the Leading Small Group (LSG) and the CyberSecurity Association of China (CSAC), the CCP has gained the ability to engage in international cyber diplomacy at senior levels. This marks a shift from the previously fragmented cybersecurity bureaucracy, empowering the CCP to actively participate in global digital governance and shape international standards and norms.
- Countering Dissidents and Adversarial Actors: The CCP's concept of cybersecurity extends beyond traditional threats and includes a focus on countering dissidents and adversarial state actors, particularly those from the United States and its allies. The CCP has been accused of employing hackers and contract hackers to target critics, dissidents, and free speech advocates both domestically and internationally. The FBI and the U.S. Department of Justice have taken steps to disrupt and deter these malicious cyber activities, exposing the CCP's unlawful cyber practices.
The CCP's role in cybersecurity is driven by its desire for control, dominance, and the protection of its rule. Its actions have significant implications for global digital governance and the security of individuals, organizations, and governments worldwide.
Can Felons Practice Law? Understanding Legal Career Limitations
You may want to see also
Frequently asked questions
The Cybersecurity Law of the People's Republic of China was enacted to increase data protection, data localisation, and cybersecurity in the interest of national security. The law gives the government the authority to regulate and monitor Internet services.
The law has been criticised for its ambiguity and broad scope. For example, the law does not clearly define what constitutes "critical information infrastructure" and "national security". This ambiguity allows the government to impose restrictions on a wide range of foreign and domestic internet companies.
The Cybersecurity Law gives the government the power to monitor and restrict online expression, including the use of "obscure expressions" and slang used to circumvent censorship. Chinese dissidents, both within China and abroad, may face surveillance, censorship, and intimidation for expressing criticism of the government or the Chinese Communist Party (CCP).
Chinese dissidents can take several steps to protect themselves online, including using secure websites, avoiding sharing sensitive information, and being cautious about the use of slang or obscure expressions that may trigger censorship or surveillance. Dissidents can also stay informed about the evolving regulatory landscape and advocate for their right to privacy and freedom of expression.




























![VPN by Private Internet Access [Online Code]](https://m.media-amazon.com/images/I/41SExxr-xmL._AC_UL320_.jpg)







![Bitdefender Premium VPN | 10 Device | 1 Year [PC/Mac Online Code]](https://m.media-amazon.com/images/I/61TVPVyAWqL._AC_UL320_.jpg)






