China's internet regulator has issued a report in which it has outlined plans to formalize a new cybersecurity review which would represent a new challenge for foreign tech firms in what has become an increasingly volatile market for the tech sector. It has been an exceptionally difficult year for US technology companies in China - Uber sold off its operations, Apple services were discontinued in some parts - while Microsoft faced a new inquiry.
However, the latest proposal by the Cyberspace Administration of China looks set to create a new standoff - and further increase tensions between the US and China over internet policy. In the report submitted by the Cyberspace Administration it didn't elaborate on what the government checks would entail, but it has been speculated that it is likely to consist of security checks targeting encryption and data storage.
Over the last number of years, a number of US and other foreign tech firms were subject to a series of secretive Chinese security reviews. The reviews involved employees of tech companies being asked to disclose specific information about certain products in person. This naturally set alarms bells ringing off among many US tech companies '“ and now the latest news regarding the proposed cybersecurity reviews being formalized by China has increased fears.
US companies fear that once subject to secretive reviews, Chinese authorities may use the checks to extract trade secrets, or find weaknesses in the products for state hackers. The reviews are run by a committee of engineers and experts with ties to China's military and security agencies. It's a further indication of China's efforts to enhance the already unprecedented internet controls it has in place in the country.
China broadened their efforts to streamline cybersecurity management in the country '“ and seem intent on continuing this trend with the latest review. Only last month, it passed a new cybersecurity law which drew criticism from human rights groups and foreign companies. However, authorities seem undeterred by the scrutiny its policies in relation to cybersecurity have come under.
Beijing has struggled to balance its goal of fostering innovation with its desire to keep control over a communication medium it believes could be destabilizing. While it includes boilerplate references to opening up, the report makes clear that the government will continue to err on the side of control for now.
In a section subtitled 'Peace,' the report said that Beijing would work to get ahead of a global cybersecurity arms race threatening international peace. In another part, the regulator said that China would use military means if necessary to protect its internet sovereignty. China has said in the past that the internet represents a new realm, akin to space, in which it must assert its rulership rights.
The new report is the clearest signal yet of the government's intent to crystallize those checks into a formal policy.
Still, if China were to be more public about the checks, it could lead to copycat policies from other countries, analysts have said.
Drafts of proposed Chinese laws are typically released to domestic and foreign companies for comment. In this case, the reviews were carried out without formal legislative process, meaning that companies had little room to push back.